robocisco
07-21-2010, 06:19 PM
The Cisco Internet Streamer application, part of the Cisco Content Delivery System, contains a directory traversal vulnerability on its web server component that allows for arbitrary file access. By exploiting this vulnerability, an attacker may be able to read arbitrary files on the device, outside of the web server document directory, by using a specially crafted URL.
More... (http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3bd1c.shtml)
More... (http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3bd1c.shtml)