Phase:Directory traversal vulnerability in talkback.cgi program allows remote attackers to read arbitrary files via a .. (dot dot) in the article parameter.
ReferencesBUGTRAQ:Monday, April 09, 2001 talkback.cgi vulnerability may allow users to read any file | URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0128.html | BID:2547 | URL:http://www.securityfocus.com/bid/2547
Votes:Proposed (Thursday, May 24, 2001)
Comments: MODIFY(1) Frech | NOOP(4) Cole, Ziese, Christey, Wall
F7: Frech> XF:talkback-cgi-read-files(6340) | Christey> BID:2547 | URL:http://www.securityfocus.com/bid/2547