CVE-2006-0513 | Vulnerability Database | Aqua Security

Directory traversal vulnerability in pkmslogout in Tivoli Web Server Plug-in 5.1.0.10 in Tivoli Access Manager (TAM) 5.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.

Affected Software

Name	Vendor	Start Version	End Version
Tivoli_access_manager_for_e-business	Ibm	5.1.0.10 (including)	5.1.0.10 (including)
Tivoli_access_manager_for_e-business	Ibm	6.0.0 (including)	6.0.0 (including)

References

http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041930.html
http://secunia.com/advisories/18725
http://securityreason.com/securityalert/412
http://securitytracker.com/id?1015582
http://www-1.ibm.com/support/docview.wss?uid=swg24011562
http://www.securityfocus.com/archive/1/423946/100/0/threaded
http://www.securityfocus.com/bid/16494
http://www.vsecurity.com/bulletins/advisories/2006/tam-file-retrieval.txt
http://www.vupen.com/english/advisories/2006/0442
https://exchange.xforce.ibmcloud.com/vulnerabilities/24485

NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-0513
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html