file sharing for net 1.5 - Directory Traversal

EDB-ID:

23068

CVE:



Author:

sickle

Type:

remote


Platform:

Windows

Date:

2003-08-30


source: https://www.securityfocus.com/bid/8513/info

File Sharing for Net is said to be prone to a directory traversal vulnerability, potentially allowing users to disclose the contents of system files. The problem occurs due to the application failing to parse user-supplied input for directory traversal sequences (../), thus making it possible to access files outside of the established web root.

http://www.example.org/../../../autoexec.bat