Webtraversal in PCI Netsupport Manager (all version up to 7 using web extensions)

[<watcher60 () hotmail com>]

It is possible to view and download files on machines 
running  PCI Netsupport Manager (all version up to 7) 
that have the  web extensions switched on (default 
port 80). This has only been tested on Windows NT 4 
(server and workstation) and Windows 2000 (Pro , 
Server and Advanced server).
Example on a standard version 5.5 install (location 
c:\nsm) the URL to view the boot.ini file in the root 
would be:
http://machinename:relevant_port/../boot.ini

version 6 +:
http://machinename:relevant_port/../../boot.ini

I have received confirmation from PCI that this bug is 
fixed in version 7 onwards

Watcher60