- Package name
- Advisory ID
- Affected versions
- 6.1 i586 , 6.0 i586 , 7.0 i586 , 7.1 i586
There is a problem with versions of the boa web server prior to 0.94.8.3 that make it possible to access files outside of the server's document root by the use of properly constructed URL requests. Linux-Mandrake started shipping the boa web server with 7.2 beta which uses the fixed 0.94.8.3 version. Linux-Mandrake users who have installed this package on their own are encouraged to upgrade to the version found in 7.2 beta or cooker.