Intrusion Prevention

PHP.FileServer.php.SRC.Parameter.Directory.Traversal

Description

This indicates a possible exploit of a directory-traversal vulnerability in FileServer.php in ContentServ.
This vulnerability is in the "admin/FileServer.php" script and is caused by the script's inability to properly validate the "src" parameter. An attacker may exploit this to access arbitrary files.

Affected Products

ContentServ version 4.2 and prior

Impact

System compromise.

Recommended Actions

Apply the patch found at the following web site:
http://www.contentserv.com/CSWeb/CSNet-Products-Security_Patches--328.htm

CVE References

CVE-2006-6277