CVE-2002-0786 Information

Description

iCon administrative web server for Critical Path inJoin Directory Server 4.0 allows authenticated inJoin administrators to read arbitrary files by specifying the target file in the LOG parameter.

Reference

http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0068.html http://www.iss.net/security_center/static/9054.php http://www.securityfocus.com/bid/4718