2000-04-25 04:00:00
mitre
PUBLISHED
Groupwise web server GWWEB.EXE allows remote attackers to read arbitrary files with .htm extensions via a .. (dot dot) attack using the HELP parameter.