VULHUB ™

A remote user may browse any known directory on a host running Fastraq Mailtraq 1.1.4 by making a URL request that includes the '../' string. In addition, requesting a URL appended with "../" and an unusually long character string will return an error message disclosing the full path of the Mailtraq installation directory.

A remote user may browse any known directory on a host running Fastraq Mailtraq 1.1.4 by making a URL request that includes the '../' string. In addition, requesting a URL appended with "../" and an unusually long character string will return an error message disclosing the full path of the Mailtraq installation directory.