Trowalts
New member
The vulnerability takes advantage of file traversal thats not checked during the use of a URL. The URL in question is that which is sent by servers to clients to download a server sponsor image (Normally, but not in this case...). So a maliciouse server could esentially download any nasty piece of code onto clients connecting to that server.
This is a rather new exploit but I suspect many servers will pop up soon, take care.
If you want to read more you can find a description of the exploit at:
http://www.exploit-db.com/exploits/14267/
This is a rather new exploit but I suspect many servers will pop up soon, take care.
If you want to read more you can find a description of the exploit at:
http://www.exploit-db.com/exploits/14267/