etype eserv 2.50 - Directory Traversal
| EKU-ID: 25195 | CVE: CVE-1999-1509;OSVDB-54 | OSVDB-ID: |
| Author: Ussr Labs | Published: 1999-11-04 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 25195 | CVE: CVE-1999-1509;OSVDB-54 | OSVDB-ID: |
| Author: Ussr Labs | Published: 1999-11-04 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/773/info Etype's Eserv product is designed to be a one-source internet connectivity solution, incorporating mail, web, ftp, and proxy servers into one package. The web server will allow remote browsing of the entire filesystem by the usage of ../ strings in the URL. This gives an attacker read access to every file on the server's filesystem that the webserver has access to. http://victim.com/../../../autoexec.bat