faust Informatics FreeStyle chat 4.1 sr2 - Directory Traversal

EDB-ID:

20882


Author:

nemesystm

Type:

remote


Platform:

Multiple

Date:

2001-05-25


source: https://www.securityfocus.com/bid/2776/info

Freestyle Chat server from Faust Informatics incorporates interactive chat functionality into websites.

Versions of Freestyle Chat are vulnerable to directory traversal attacks. This can allow a remote user to request files from outside the normal webserver directory scope.

Properly exploited, this could provide information useful in further attacks on the vulnerable host. 

http://www.example.com/.../.../scandisk.log