Apache Cygwin Directory Traversal Vulnerability

It has been reported that Apache may be prone to a directory traversal vulnerability that may allow a remote attacker to access information outside the server root directory. This issue is only reported to present itself in Apache running on cygwin platforms. A remote attacker may traverse outside the server root directory by using encoded '\..' character sequences.


Privacy Statement
Copyright 2010, SecurityFocus