CVE-2007-5193 Information

Description

The default configuration for twiki 4.1.2 on Debian GNU/Linux and possibly other operating systems specifies the work area directory (cfgRCSWorkAreaDir) under the web document root which might allow remote attackers to obtain sensitive information when .htaccess restrictions are not applied.

Reference

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=444982 http://osvdb.org/42338