CVE-2006-4140
Directory traversal vulnerability in IPCheck Server Monitor before 5.3.3.639/640 allows remote attackers to read arbitrary files via modified .. (dot dot) sequences in the URL, including (1) "..%2f" (encoded "/" slash), (2) "..../" (multiple dot), and (3) "..%255c../" (double-encoded "\" backslash).
Affected products
n/a · n/a
Public PoCs found: 1
exploitdb: www.exploit-db.com/exploits/28374 (unverified)
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://secunia.com/advisories/21468
http://securityreason.com/securityalert/1389
http://securitytracker.com/id?1016676
https://exchange.xforce.ibmcloud.com/vulnerabilities/28341
http://www.paessler.com/forum/viewtopic.php?p=4047&sid=f8c0f03a69d9498338797c6ea3cc6733
http://www.paessler.com/ipcheck/history
http://www.securityfocus.com/archive/1/442822/100/0/threaded
http://www.securityfocus.com/archive/1/444227/100/0/threaded
http://www.securityfocus.com/bid/19473
http://www.vupen.com/english/advisories/2006/3259