CVE-2006-4140
IPCheck Server Monitor - Directory Traversal via URL Dot-Dot Sequences
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2006-4140. PoCs published by Tassi Raeburn.
AI-analyzed exploit summary The provided text describes a directory traversal vulnerability in IPCheck Server Monitor 5.3.2.609, allowing attackers to retrieve arbitrary files via crafted URLs. It includes example URLs demonstrating the exploit but lacks executable code.
Description
Directory traversal vulnerability in IPCheck Server Monitor before 5.3.3.639/640 allows remote attackers to read arbitrary files via modified .. (dot dot) sequences in the URL, including (1) "..%2f" (encoded "/" slash), "..../" (multiple dot), and "..%255c../" (double-encoded "\" backslash).
Exploits (1)
The provided text describes a directory traversal vulnerability in IPCheck Server Monitor 5.3.2.609, allowing attackers to retrieve arbitrary files via crafted URLs. It includes example URLs demonstrating the exploit but lacks executable code.