AMLServer Directory Traversal Vulnerability

Air Messenger LAN Server for Microsoft Windows allows users to exchange phone, pager and email messages through a Web gateway.

The web interface that comes equipped with AMLServer is prone to directory traversals. The result is that an attacker may craft a URL which will display arbitrary files on the vulnerable host.

This may lead to a disclosure of sensitive information to attackers.


 

Privacy Statement
Copyright 2010, SecurityFocus