Directory traversal vulnerability in Un-CGI 1.9 and earlier allows remote attackers to execute arbitrary code via a .. (dot dot) in an HTML form.Referenceshttp://archives.neohapsis.com/archives/bugtraq/2001-07/0349.htmlhttp://www.midwinter.com/~koreth/uncgi-changes.htmlhttp://www.iss.net/security_center/static/6846.phphttp://www.securityfocus.com/bid/3056http://archives.neohapsis.com/archives/bugtraq/2001-07/0287.html
