CVE-2006-4140 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2006-4140
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-4140

Description: Directory traversal vulnerability in IPCheck Server Monitor before 5.3.3.639/640 allows remote attackers to read arbitrary files via modified .. (dot dot) sequences in the URL, including (1) "..%2f" (encoded "/" slash), "..../" (multiple dot), and "..%255c../" (double-encoded "\" backslash).

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/28341 ST 1016676 SREASON http://securityreason.com/securityalert/1389 SAID Secunia Advisory: SA21468 CONFIRM http://www.paessler.com/ipcheck/history http://www.paessler.com/forum/viewtopic.php?p=4047&sid=f8c0f03a69d9498338797c6ea3cc6733 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/444227/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/442822/100/0/threaded BID 19473

Return to the previous page.