• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

activeWeb contentserver Permissions Bypass Weakness

activeWeb contentserver is prone to a weakness that may allow an attacker to write files to unauthorized locations. A design error in the application allows editor accounts to write files to unauthorized locations, regardless of the permissions established for the account.

This weakness is confirmed in versions prior to contentserver 5.6.2964.