CVE-2001-0841

Name of the Vulnerable Software and Affected Versions Ikonboard versions prior to ib220

Description A directory traversal issue exists, allowing remote attackers to overwrite files and gain privileges. This is achieved by using .. (dot dot) sequences in the amembernamecookie cookie.

Recommendations For versions prior to ib220, update to a version later than ib220 to resolve the issue. As a temporary workaround, consider restricting access to the Search.cgi script until a patch is available. Avoid using the amembernamecookie cookie in the affected Search.cgi script until the issue is resolved.