Post-Nuke pnTresMailer Directory Traversal Arbitrary File Access
Medium Nessus Network Monitor Plugin ID 2440
SynopsisThe remote host is vulnerable to a directory traversal flaw.
DescriptionThe remote host is running a version of the pnTresMailer PostNuke module that is vulnerable to a directory traversal attack.
An attacker may use this flaw to read arbitrary files on the remote web server with the privileges of the web server process.
SolutionUpgrade or patch according to vendor recommendations.