|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Phuong Nguyen (dphuong
yahoo.com)Date: Mon Aug 20 2001 - 08:13:47 CDT
Javaserver Web Dev Kit version 1.0 (JWSDK)
JWSDK directory traversal vulnerability is found by
CHINANSL Security Advisory(CSA-200106), i want to add
another thing, it's also vulnerable to other operating
system like redhat 6.1 and this nasty bug allows you
to browse and read any file with ROOT previledge , so
you can read shadow file and stuff
http://localhost:8080/../examples//WEB-INF/../../../../../
__________________________________________________
Do You Yahoo!?
Make international calls for as low as $.04/minute with Yahoo! Messenger
http://phonecard.yahoo.com/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]