CGI abuses : Resin traversal

Vulnerability Search		Search 219043 CVE descriptions and 99761 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 10656

Category: CGI abuses

Title: Resin traversal

Summary: NOSUMMARY

Description: Description:

It is possible to read arbitrary files on
the remote server by prepending /\../\../
in front on the file name.

Solution : Upgrade your version of Resin in 1.2.3
Risk factor : High

Cross-Ref: BugTraq ID: 2384
Common Vulnerability Exposure (CVE) ID: CVE-2001-0304
http://www.securityfocus.com/bid/2384
Bugtraq: 20010216 Vulnerability in Resin Webserver (Google Search)
http://marc.info/?l=bugtraq&m=98229372610440&w=2

Copyright This script is Copyright (C) 2001 Renaud Deraison

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	10656
Category:	CGI abuses
Title:	Resin traversal
Summary:	NOSUMMARY
Description:	Description: It is possible to read arbitrary files on the remote server by prepending /\../\../ in front on the file name. Solution : Upgrade your version of Resin in 1.2.3 Risk factor : High
Cross-Ref:	BugTraq ID: 2384 Common Vulnerability Exposure (CVE) ID: CVE-2001-0304 http://www.securityfocus.com/bid/2384 Bugtraq: 20010216 Vulnerability in Resin Webserver (Google Search) http://marc.info/?l=bugtraq&m=98229372610440&w=2
Copyright	This script is Copyright (C) 2001 Renaud Deraison