Mathopd - Directory Traversal Vulnerability

2012-02-08T00:00:00
ID SECURITYVULNS:DOC:27617
Type securityvulns
Reporter Securityvulns
Modified 2012-02-08T00:00:00

Description

Hi,

Mathopd - Security Alerts

Directory Traversal Vulnerability

Reported: 2 February 2012

Older versions of the software have a vulnerability that could lead to directory traversal if the '*' construct for mass virtual hosting is used.

Affected: all 1.4 versions, all 1.5 versions up to 1.5p7.

Fixed in: Mathopd 1.5p7

http://www.mathopd.org/security.html http://www.mail-archive.com/mathopd%40mathopd.org/msg00392.html