CVE-2002-0417

Directory traversal vulnerability in Endymion MailMan before 3.1 allows remote attackers to read arbitrary files via a .. dot dot and a null character in the ALTERNATETEMPLATES parameter for various mmstdo.cgi programs...