CVE-2006-5596 Information

Description

Directory traversal vulnerability in the SSL server in AEP Smartgate 4.3b allows remote attackers to download arbitrary files via ..\ (dot dot backslash) sequences in an HTTP GET request.

Reference

http://secunia.com/advisories/22550 http://www.securityfocus.com/bid/20722 http://www.vupen.com/english/advisories/2006/4224 https://exchange.xforce.ibmcloud.com/vulnerabilities/29817 https://prdelka.blackart.org.uk/exploitz/prdelka-vs-AEP-smartgate.c https://www.exploit-db.com/exploits/2637