Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

webplus security hole
From: TalentSoft.Support () EXCHANGE TALENTSOFT COM (TalentSoft.Support)
Date: Thu, 13 Apr 2000 15:31:18 -0500

This email is sent to advise all users of webplus having a build prior to
512 that there has been a reported security problem. In the url, if running
webplus as the user 'root', it is possible to use the '..' command to
traverse directories on the server. This technique can be used to view
proprietary files on the web server. This problem has been corrected in
builds of webplus after 512. For those who need the upgraded binary, you can
either contact support () talentsoft com for a link to the patch, or obtain the
patch from the web site (www.talentsoft.com). The security advisory section
of the web site is currently under construction, but should be completed
very soon.

Thank You
Technical Support
talentsoft

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]