Gattaca Server 2003 1.1.10.0 allows remote attackers to cause a denial of service (CPU consumption) via directory specifiers in the LANGUAGE parameter to (1) index.tmpl and (2) web.tmpl, such as (a) slash /, (b) backslash , (c) dot .,, (d) dot dot .., and (e) internal slash lang//en.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Gattaca_server_2003 | Geeos_team | 1.1.10.0 (including) | 1.1.10.0 (including) |