CVE-2001-1242 Information

Description

Directory traversal vulnerability in Un-CGI 1.9 and earlier allows remote attackers to execute arbitrary code via a .. (dot dot) in an HTML form.

Reference

http://archives.neohapsis.com/archives/bugtraq/2001-07/0287.html http://archives.neohapsis.com/archives/bugtraq/2001-07/0349.html http://www.iss.net/security_center/static/6846.php http://www.midwinter.com/~koreth/uncgi-changes.html http://www.securityfocus.com/bid/3056