Description
Directory traversal vulnerability in lstat.cgi in LinuxStat before 2.3.1 allows remote attackers to read arbitrary files via (1) .. (dot dot) sequences or (2) absolute paths to the template parameter.
Exploits (1)
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/17833
Product x_refsource_confirm
http://sourceforge.net/project/shownotes.php?release_id=277371
Exploit, Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/11517
Exploit vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1011920
Patch vdb-entry
x_refsource_osvdb
http://www.osvdb.org/11103
Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/12963
Scores
EPSS
0.1046
EPSS Percentile
93.3%
Details
Status
published
Published
Dec 31, 2004
Tracked Since
Feb 18, 2026