Date: Sat, 23 Dec 2000 14:40:59 +0100 From: bt@SPITZNER.ORG Subject: Technote To: BUGTRAQ@SECURITYFOCUS.COM Technote a korean company sells something like a web-board called technote (surprise). I'm not aware where this software is used outside korea , but at least _some_ versions (used ones) contain a file disclosure vuln. Ex: http://students.washington.edu/~jaeyong/technote/technote/print.cgi?board=../../../../../../../../etc/passwd%00 Since I cannot read anything on their (Technotes) website, I simply sent an email to info@ to notify them. -rasp