CVE-2002-2033 Information

Description

faqmanager.cgi in FAQManager 2.2.5 and earlier allows remote attackers to read arbitrary files by specifying the filename in the toc parameter with a trailing null character (00).

Reference

http://archives.neohapsis.com/archives/bugtraq/2002-01/0065.html http://www.iss.net/security_center/static/7833.php http://www.securityfocus.com/bid/3810