HP Web JetAdmin Directory Traversal Vulnerability

By default JetAdmin Web Interface Server listens on port 8000. By requesting a specially formed URL which includes "../" it is possible for a remote user to gain read-access to any files outside of the web-published directory.


 

Privacy Statement
Copyright 2010, SecurityFocus