CVE-2002-1133

Encoded directory traversal vulnerability in Dino’s web server 2.1 allows remote attackers to read arbitrary files via ".." (dot dot) sequences with URL-encoded (1) "/" (%2f") or (2) "" (%5c) characters.

Date published : 2002-09-24

http://www.securityfocus.com/bid/5782

http://marc.info/?l=bugtraq&m=103281444824285&w=2