Just for reference, ocsinventory-server 1.02.1-1 fixed also CVE-2009-2166: CVE-2009-2166[0]: | Absolute path traversal vulnerability in cvs.php in OCS Inventory NG | before 1.02.1 on Unix allows remote attackers to read arbitrary files | via a full pathname in the log parameter.
For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2166 http://security-tracker.debian.net/tracker/CVE-2009-2166
signature.asc
Description: OpenPGP digital signature
