Nitr0Us

**Name of the Vulnerable Software and Affected Versions** Yaws version 1.89 **Description** A directory traversal issue allows remote attackers to read arbitrary files by utilizing sequences such as .. (dot dot backslash) and other similar sequences. **Recommendations** For Yaws version 1.89, update to a version that fixes this issue, as using directory traversal sequences can lead to unauthorized file access.

**Name of the Vulnerable Software and Affected Versions** Acunetix Web Vulnerability Scanner (WVS) versions 4.0 Build 20060717 and earlier **Description** The issue allows remote attackers to cause a denial of service, resulting in an application crash. This is achieved by sending multiple HTTP requests that contain invalid `Content-Length` values. **Recommendations** For versions 4.0 Build 20060717 and earlier, as a temporary workaround, consider restricting access to the application to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.