Vulnonym.com

CVE-2006-5596 - High top Water Vole

Description

Directory traversal vulnerability in the SSL server in AEP Smartgate 4.3b allows remote attackers to download arbitrary files via ..\ (dot dot backslash) sequences in an HTTP GET request.

Reference

https://prdelka.blackart.org.uk/exploitz/prdelka-vs-AEP-smartgate.c http://www.securityfocus.com/bid/20722 http://secunia.com/advisories/22550 http://www.vupen.com/english/advisories/2006/4224 https://exchange.xforce.ibmcloud.com/vulnerabilities/29817 https://www.exploit-db.com/exploits/2637