CVE-2005-1365 Information

Description

Pico Server (pServ) 3.2 and earlier allows remote attackers to execute arbitrary commands via a URL with multiple leading /\ (slash) characters and ..\ sequences.

Reference

http://marc.info/?l=full-disclosure&m=111625635716712&w=2 http://sourceforge.net/project/shownotes.php?release_id=327708 http://www.redteam-pentesting.de/advisories/rt-sa-2005-010.txt http://www.securityfocus.com/bid/13642