Mongrel 'DirHandler' Class Directory Traversal Information Disclosure Vulnerability

Bugtraq ID: 27133
Class: Input Validation Error
CVE: CVE-2007-6612
Remote: Yes
Local: No
Published: Dec 28 2007 12:00AM
Updated: May 29 2008 05:53PM
Credit: Eric Mason is credited with the discovery of this vulnerability.
Vulnerable: Mongrel Mongrel 1.1.2
Mongrel Mongrel 1.0.4
Apple Mac OS X Server 10.5.2
Apple Mac OS X Server 10.5.1
Apple Mac OS X Server 10.4.11
Apple Mac OS X Server 10.5
Apple Mac OS X 10.5.2
Apple Mac OS X 10.5.1
Apple Mac OS X 10.4.11
Apple Mac OS X 10.5
Not Vulnerable: Mongrel Mongrel 1.1.3
Mongrel Mongrel 1.0.5


 

Privacy Statement
Copyright 2010, SecurityFocus