CVE-2001-1045

Description

Directory traversal vulnerability in basilix.php3 in Basilix Webmail 1.0.3beta and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the request_id[DUMMY] parameter.

Affected products

• basilix / basilix_webmail1.02_beta – 1.02_beta
• basilix / basilix_webmail1.03_beta – 1.03_beta

References

• MISChttp://www.securityfocus.com/bid/2995
• MISChttp://archives.neohapsis.com/archives/bugtraq/2001-07/0114.html
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/6873