You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The server writes directory listing results to a file tmp.txt, which is not deleted after use.
Exploitation case:
Target user target is browsing a directory and browsing around the system
Attacker, using anonymous user, waits for the target to run 'list'
Attacker uses get tmp.txt to download the directory listing and potentially learn sensitive details about the system
Target user target is unaware of attack.
The text was updated successfully, but these errors were encountered:
The server writes directory listing results to a file tmp.txt, which is not deleted after use.
Exploitation case:
Target user target is browsing a directory and browsing around the system
Attacker, using anonymous user, waits for the target to run 'list'
Attacker uses get tmp.txt to download the directory listing and potentially learn sensitive details about the system
Target user target is unaware of attack.
The text was updated successfully, but these errors were encountered: