Arbitrary File Access and Modification via Symlink in BSCW Groupware System
CVE-2001-0973 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:P/A:N
BSCW groupware system 3.3 through 4.0.2 beta allows remote attackers to read or modify arbitrary files by uploading and extracting a tar file with a symlink into the data-bag space.
Learn more about our Web Application Penetration Testing UK.