CVE-2006-4140 Information
Description
Directory traversal vulnerability in IPCheck Server Monitor before 5.3.3.639/640 allows remote attackers to read arbitrary files via modified .. (dot dot) sequences in the URL including (1) ..2f\ (encoded /\ slash) .…/\ (multiple dot) and ..255c../\ (double-encoded \\ backslash).
Reference
http://secunia.com/advisories/21468 http://securityreason.com/securityalert/1389 http://securitytracker.com/id?1016676 http://www.paessler.com/forum/viewtopic.php?p=4047&sid=f8c0f03a69d9498338797c6ea3cc6733 http://www.paessler.com/ipcheck/history http://www.securityfocus.com/archive/1/442822/100/0/threaded http://www.securityfocus.com/archive/1/444227/100/0/threaded http://www.securityfocus.com/bid/19473 http://www.vupen.com/english/advisories/2006/3259 https://exchange.xforce.ibmcloud.com/vulnerabilities/28341 ipcheck-url-directory-traversal(28341)
Share on: