Directory traversal vulnerability in lstat.cgi in LinuxStat before 2.3.1 allows remote attackers to read arbitrary files via (1) .. (dot dot) sequences or (2) absolute paths to the template parameter.Referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/17833http://sourceforge.net/project/shownotes.php?release_id=277371http://www.securityfocus.com/bid/11517http://securitytracker.com/id?1011920http://www.osvdb.org/11103http://secunia.com/advisories/12963
