Family: CGI abuses --> Category: infos
SAP Internet Graphics Server Directory Traversal Vulnerability Vulnerability Scan
Vulnerability Scan Summary
Attempts to read /etc/passwd
Detailed Explanation for this Vulnerability Test
The remote web server is subject to a directory traversal attack.
It is possible to read arbitrary files on the remote host with the
rights of the web server process by making a request such as :
See also :
Upgrade to SAP IGS version 6.40 Patch 11 or later as that reportedly
addresses the issue.
Low / CVSS Base Score : 2
Click HERE for more information and discussions on this network vulnerability scan.