MnSCU/PALS WebPALS Remote Command Execution Vulnerability

A specially crafted URL composed of a known filename, will disclose the requested file residing on a machine running WebPALS. This vulnerability will also allow an attacker to execute arbitrary code with root privileges.


 

Privacy Statement
Copyright 2010, SecurityFocus