AlienForm2 Directory Traversal Vulnerability

AlienForm2 is an interface to the email gateway written in Perl and is maintained by Jon Hedley.

Due to a reported directory traversal issue, it is possible for users to access arbitrary files residing on a host and potentially modify file contents. This may be accomplished by constructing a file path using the characters '.|.%2F'.


 

Privacy Statement
Copyright 2010, SecurityFocus