Description
Caucho Technology Resin server 2.1.1 to 2.1.2 allows remote attackers to obtain server's root path via requests for MS-DOS device names such as lpt9.xtp.
Affected products
- caucho_technology / resin2.1.1 – 2.1.1
- caucho_technology / resin2.1.2 – 2.1.2