CVE-2009-2166

描述

Absolute path traversal vulnerability in cvs.php in OCS Inventory NG before 1.02.1 on Unix allows remote attackers to read arbitrary files via a full pathname in the log parameter.

受影響套件(1)

• Debian/ocsinventory-serverfrom 0, < 1.02.1-1

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2009-2166