TUCoPS :: Web :: Servers :: b06-4767.htm

Busy box httpd file traversal vulenrability
Busy box httpd file traversal vulenrability
Busy box httpd file traversal vulenrability



a file traversal attack is possible in busybox's http daemon when you send a url encoded slash like this http://attacked-host//%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd I have tested with busy box 1.01 and I dont know if other versions are vulenrable 

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH