CVE-2001-0593 Information

Description

Anaconda Partners Clipper 3.3 and earlier allows a remote attacker to read arbitrary files via a ‘..’ (dot dot) attack in the template parameter.

Reference

http://anacondapartners.com/cgi-local/apexec.pl?template=ap_releasenotestemplate.html&f1=ap_af_updates_menu&f2=ap_af_releasenotes_clip http://archives.neohapsis.com/archives/bugtraq/2001-03/0395.html http://www.securityfocus.com/bid/2512 https://exchange.xforce.ibmcloud.com/vulnerabilities/6286