Glossary Description

Directory Traversal

Description:

Using one or more "../" to wander in the filesystem. It is widely used to access information that should keep private. For instance, HTTP server with such flaw allow /etc/passwd reading by sending an URL such as http://target/../../../../../../../../etc/passwd. This feature has often to be combined with other ones to manage the reading of private information.

© 2003-2007 NexantiS Corporation (www.securescout.com)
SecureScout is a trademark of NexantiS
All Rights Reserved
All products names referenced herein are trademarks of their respective companies

SecureScout products are certified:
CVE Compatible
SANS TOP 20 Compatible
CVSS Compatible (Common Vulnerability Scoring System)