info
discussion
exploit
solution
references
Linux ntop Unauthorized File Retrieval Vulnerability
The default directory ntop serves HTML from is /etc/ntop/html so to retrieve /etc/shadow one can request the following URL: http://URL:port/../../shadow
Privacy Statement
Copyright 2010, SecurityFocus
