ArGoSoft 1.2.2.2 *.lnk upload Directory Traversal ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ AFFECTED SYSTEMS ArGoSoft 1.2.2.2 DESCRIPTION ArGoSoft also has the *.lnk upload directory traversal vulnerability : PUT \local.lnk remote.lnk. IMPACT users with write permissions can traverse directories, by uploading a lnk file pointing to the desired file / directory VENDOR STATUS I have sent this advisory to <[EMAIL PROTECTED]> ======================================================= [ByteRage] <[EMAIL PROTECTED]> [www.byterage.cjb.net] ======================================================= __________________________________________________ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail http://personal.mail.yahoo.com/
