|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: ][-][UNTER (lopht
tutopia.com)Date: Wed Feb 27 2002 - 04:02:34 CST
Hi bugtraq again...
Now i' ve found another vulnerability in BPM STUDIO PRO 4.2 http server
implementation.
Anyone can download any file in some host running this software simply like
performing this http request :
http://BPM-HOST/../../../../autoexec.bat
http server is not activated by default...
byes
-----------------------------------------------
][-][UNTER
Infobyte Security Research Crew
Buenos Aires, Argentina
-----------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]