Family: CGI abuses --> Category: infos
Tivoli LDACGI Directory Traversal Vulnerability Scan
Vulnerability Scan Summary
IBM Tivoli Directory Traversal
Detailed Explanation for this Vulnerability Test
The remote host is running IBM Tivoli's Directory Server, a lightweight LDAP
server with a web-frontend.
There is a directory traversal issue in the web frontend of this program,
more specifically in the 'ldacgi.exe' CGI. A possible hacker may exploit this
flaw to read arbitrary files on the remote system with the rights of
the web server.
See also : http://www.oliverkarow.de/research/IDS_directory_traversal.txt
Solution : None at this time
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.