CVE-2001-0557 Information

Description

T. Hauck Jana Webserver 1.46 and earlier allows a remote attacker to view arbitrary files via a ‘..’ (dot dot) attack which is URL encoded (2e2e).

Reference

http://archives.neohapsis.com/archives/bugtraq/2001-05/0086.html http://www.kb.cert.org/vuls/id/132099 http://www.securityfocus.com/bid/2703 https://exchange.xforce.ibmcloud.com/vulnerabilities/6513