[17963] in bugtraq

home	help	back	first	fref	pref	prev	next	nref	lref	last	post

MetaProducts Offline Explorer

daemon@ATHENA.MIT.EDU (Dodger)
Fri Dec 8 01:38:56 2000

Message-ID:  <20001207094640.7661.qmail@securityfocus.com>
Date:         Thu, 7 Dec 2000 09:46:40 -0000
Reply-To: dodger@PARADIGMA.NET
From: Dodger <dodger@PARADIGMA.NET>
To: BUGTRAQ@SECURITYFOCUS.COM

the Offline Explorer 1.4 has a serious bug. its similar 
to the fixed http://127.0.0.1:800/./../../ (bugtraq id 
1231) bug. with http://127.0.0.1:800/C:/ it is possible 
to access the harddrive and read all files
i have just received a message that this bug is fixed 
in the newest version (Offline Explorer 1.4 Service 
Release 2)

home	help	back	first	fref	pref	prev	next	nref	lref	last	post