Full Disclosure mailing list archives
[CIRT.DK - Advisory 37] TAC Vista Webstation 3.0 Directory Traversal bug in webinterface
From: "CIRT.DK Advisory" <advisory () cirt dk>
Date: Fri, 16 Sep 2005 21:04:33 +0200
TAC Vista is based on open technologies, TAC VistaR is one of the most advanced software solutions for building automation. TAC Vista efficiently and economically controls, checks and analyzes all building operations, allowing system operators to control and monitor entire systems on site or from remote locations. The Web application is running on a Microsoft IIS 5.0 Server in this case. The problem is occurring in the input field of where the Template is called, resulting in the possibility to traverse into other parts of the system. Read the full Advisory at http://www.cirt.dk _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- [CIRT.DK - Advisory 37] TAC Vista Webstation 3.0 Directory Traversal bug in webinterface CIRT.DK Advisory (Sep 16)