9 lines
No EOL
528 B
Text
9 lines
No EOL
528 B
Text
source: http://www.securityfocus.com/bid/28127/info
|
|
|
|
MicroWorld eScan Server is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data.
|
|
|
|
Exploiting this issue allows an attacker to access arbitrary files outside of the FTP server root directory. This can expose sensitive information that could help the attacker launch further attacks.
|
|
|
|
eScan Server 9.0.742.98 is vulnerable to this issue; other versions may also be affected.
|
|
|
|
ftp://SERVER:2021//windows/win.ini |