mini-traverse.txt

2007-02-13T00:00:00
ID PACKETSTORM:54360
Type packetstorm
Reporter Daniel Nystrom
Modified 2007-02-13T00:00:00

Description

                                        
                                            `Hello!  
  
Miniwebsvr 0.0.6 suffers from a directory traversal flaw.  
  
"Exploit" :  
  
http://yoursite/..%00  
  
  
Attack vector seems limited as you're only able to list one level down.  
  
Cheers,  
  
Daniel Nyström, daniel.nystrom@xored.net  
Fredrik Wessberg, fredd3@hotmail.com  
  
`