T. Hauck Jana Webserver 1.46 and earlier allows a remote attacker to view arbitrary files via a .. (dot dot) attack which is URL encoded (%2e%2e).
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Jana_web_server | T._hauck | * | 1.46 (including) |
| Jana_web_server | T._hauck | 1.0j (including) | 1.0j (including) |
| Jana_web_server | T._hauck | 1.45 (including) | 1.45 (including) |
| Jana_web_server | T._hauck | 2.0_beta_1 (including) | 2.0_beta_1 (including) |