Bugtraq mailing list archives
ArGoSoft 1.2.2.2 *.lnk upload Directory Traversal
From: ByteRage <byterage () yahoo com>
Date: Sun, 1 Jul 2001 09:30:35 -0700 (PDT)
ArGoSoft 1.2.2.2 *.lnk upload Directory Traversal ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ AFFECTED SYSTEMS ArGoSoft 1.2.2.2 DESCRIPTION ArGoSoft also has the *.lnk upload directory traversal vulnerability : PUT \local.lnk remote.lnk. IMPACT users with write permissions can traverse directories, by uploading a lnk file pointing to the desired file / directory VENDOR STATUS I have sent this advisory to <support () argosoft com> ======================================================= [ByteRage] <byterage () yahoo com> [www.byterage.cjb.net] ======================================================= __________________________________________________ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail http://personal.mail.yahoo.com/
Current thread:
- ArGoSoft 1.2.2.2 *.lnk upload Directory Traversal ByteRage (Jul 02)