|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: ByteRage (byterage
YAHOO.COM)Date: Sun Jul 01 2001 - 11:30:18 CDT
ArGoSoft 1.2.2.2 *.lnk upload Directory Traversal
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
AFFECTED SYSTEMS
ArGoSoft 1.2.2.2
DESCRIPTION
ArGoSoft also has the *.lnk upload directory traversal
vulnerability :
PUT \local.lnk remote.lnk.
IMPACT
users with write permissions can traverse directories,
by uploading a lnk file pointing to the desired file /
directory
VENDOR STATUS
I have sent this advisory to <supportargosoft.com>
=======================================================
[ByteRage] <byterageyahoo.com> [www.byterage.cjb.net]
=======================================================
__________________________________________________
Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail
http://personal.mail.yahoo.com/
_____________________________________________________________________
** TO UNSUBSCRIBE, send the command "UNSUBSCRIBE win2ksecadvice"
** FOR A WEEKLY DIGEST, send the command "SET win2ksecadvice DIGEST"
SEND ALL COMMANDS TO: listservlistserv.ntsecurity.net
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]