Directory Traversal Vulnerability in mod_mono for SUSE Linux
CVE-2006-2658

Currently unrated

Key Information:

Vendor: Suse
Status: Suse Open Enterprise Server; Xsp
Vendor: CVE Published:; 12 September 2006

Summary

A directory traversal vulnerability exists in the xsp component of mod_mono used in the Mono/C# web server. This flaw lets remote attackers exploit the software by leveraging '..' sequences in HTTP requests to access files on the server that should remain protected. Affected systems include SUSE Open-Enterprise-Server 1 and various versions of SUSE Linux, making it crucial for administrators to apply relevant mitigations to safeguard sensitive data.

References

http://secunia.com/advisories/21847

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2006/3552

vdb-entryx_refsource_VUPEN

http://securitytracker.com/id?1016821

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Sep 12, 2006
Vulnerability Reserved
May 30, 2006