| VID |
21158 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The 'ttawebtop.cgi' CGI is installed and it is vulnerable to Directory Traversal. The CGI is a part of Tarantella Enterprise, which enables any application to run over the web - without a need to rewrite it.
The vulnerability in the ttawebtop.cgi script of Tarantella Enterprise versions 3.00 and 3.01 could allow a remote attacker to submit a specially-crafted URL request appended with "dot dot" sequences (/../) to traverse directories and view arbitrary files on the Web server. |
| Recommendation |
Tarantella Enterprise is no longer supported. |
| Related URL |
CVE-2001-0805 (CVE) |
| Related URL |
2890 (SecurityFocus) |
| Related URL |
6723 (ISS) |
|
