CVE-2004-2184 Information

Description

Directory traversal vulnerability in Digicraft Yak! server 2.0 through 2.1.2 allows remote attackers to read or write arbitrary files via ../\ or ..\\ sequences in commands such as (1) dir or (2) put.

Reference

http://aluigi.altervista.org/adv/yak-adv.txt http://marc.info/?l=full-disclosure&m=109788315103778&w=2 http://secunia.com/advisories/12849 http://securitytracker.com/id?1011708 http://www.osvdb.org/10763 http://www.securityfocus.com/archive/1/378533 http://www.securityfocus.com/bid/11433 https://exchange.xforce.ibmcloud.com/vulnerabilities/17740