Directory traversal vulnerability in the xsp component in mod_mono in Mono/C# web server, as used in SUSE Open-Enterprise-Server 1 and SUSE Linux 9.2 up to and including 10.0, allows remote malicious users to read arbitrary files via a .. (dot dot) sequence in an HTTP request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mono xsp |
||
suse suse open enterprise server 1 |
||
suse suse linux 10.0 |
||
suse suse linux 9.3 |
||
suse suse linux 9.2 |
||
suse suse linux 10.1 |