CVE-2002-1546 Information

Description

BRS WebWeaver Web Server 1.01 allows remote attackers to bypass password protections for files and directories via an HTTP request containing a /./\ sequence.

Reference

http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0043.html http://www.iss.net/security_center/static/10467.php http://www.securityfocus.com/bid/6041 http://www.securityoffice.net/articles/webweaver/