MailReader.com 2.3.x - 'NPH-MR.cgi' File Disclosure

Author: pokleyzz
type: webapps
platform: cgi
port: 
date_added: 2002-10-28  
date_updated: 2012-10-14  
verified: 1  
codes: CVE-2002-1581;OSVDB-8192  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 21966.txt  

source: https://www.securityfocus.com/bid/6055/info

A vulnerability exists in Mailreader.com which may enable remote attackers to disclose the contents of arbitrary webserver readable files. An attacker may exploit this issue by submitting a malicious web request containing dot-dot-slash (../) directory traversal sequences. The request must be for a known resource, and the file request must be appended by a null byte (%00).

http://www.example.com/cgi-bin/mail/nph-mr.cgi?do=loginhelp&configLanguage=../../../../../../../etc/passwd%00