Directory traversal vulnerability in the xsp component in mod_mono in Mono/C# web server, as used in SUSE Open-Enterprise-Server 1 and SUSE Linux 9.2 through 10.0, allows remote attackers to read arbitrary files via a .. (dot dot) sequence in an HTTP request.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Xsp | Mono | * | * |
Suse_open_enterprise_server | Suse | 1 (including) | 1 (including) |