OSVDB ID: 2793 Title: TelCondex tc.SimpleWebServer Directory Traversal |
Info |
|
|
Dates |
||||
|
|
Description |
TelCondex's SimpleWebServer version 2.13.31027 Build 3289 contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when an attacker sends specially-crafted HTTP requests containing modified "dot dot dot" sequences that use three dots instead of two (.../) which will disclose files outside of the root directory information resulting in a loss of confidentiality. |
Classification |
Attack Type:
Input Manipulation
|
Solution |
Currently, there are no known upgrades, patches, or workarounds available to correct this issue. |
Products |
|
References |
|
Credit |
Unknown or Incomplete |