Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!

TUCoPS :: Web :: Servers :: bt1266.txt

Minihttpserver File-Sharing for NET Directory Traversal Vulnerability

Minihttpserver File-Sharing for NET Directory Traversal Vulnerability

Affected Systems: File-Sharing for NET

version: 1.5 (and possibly earlier versions)

Vendor: Minihttpserver -

Issue:  Directory Traversal Vulnerability

Released: 2 October 2003



"File Sharing for net is a complete, secure web server that shares 

your business documents and files over the web: remote users only 

need browsers to view your files. Share, transfer files securely with 


- Vendors Description

   [ ]



File-Sharing for NET has a Directory Traversal Vulnerability Using 

the string '../' or '..\' in a URL, an attacker can gain read access 

to any file outside of the intended web-published file system 





--------- Program Files/FileSharing for NET/User.ini

Vendor status:


The vendor has been informed, and they are fixing this bug.

The updated version, when released, can be downloaded from:

Discovered by/Credit:


Bahaa Naamneh

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH