5 lines
No EOL
464 B
Text
5 lines
No EOL
464 B
Text
source: http://www.securityfocus.com/bid/773/info
|
|
|
|
Etype's Eserv product is designed to be a one-source internet connectivity solution, incorporating mail, web, ftp, and proxy servers into one package. The web server will allow remote browsing of the entire filesystem by the usage of ../ strings in the URL. This gives an attacker read access to every file on the server's filesystem that the webserver has access to.
|
|
|
|
http://victim.com/../../../autoexec.bat |