Symantec Mail-Gear 1.0 Directory Traversal
Reported November 29, 1999 by USSRLABS
Symantec"s Mail-Gear has a Web-based administration service that listens on port 8003. The service is vulnerable to directory traversal using specific URL patterns.
By using a syntax similar to that shown below, file contents may be revealed.
Symantec has corrected the problem in their new Mail-Gear v1.1.
Discovered by USSRLABS