• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Apple Mac OS X Server Wiki Server Directory Traversal Vulnerability

Apple Mac OS X Server Wiki Server is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data.

Exploiting this issue allows an attacker to access arbitrary files outside of the application's document root directory. This can expose sensitive information that could help the attacker launch further attacks.

Note that attackers must be registered wiki users to exploit this issue.

Wiki Server from Mac OS X Server 10.5 is vulnerable.