• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Raz-Lee Security+++ Suite Input Validation Vulnerability

Raz-Lee Security+++ Suite is prone to an input validation vulnerability. Reports indicate that the software fails to filter potentially dangerous character sequences from user requests. In particular, directory traversal sequences are not filtered by the product.

This vulnerability may lead to a false sense of security, where an administrator believes that they are immune to certain attacks, when in reality they are vulnerable.