Directory traversal vulnerability in Astaro Security Linux 6.0, when using Webmin, allows remote authenticated webmin users to read arbitrary files via a .. (dot dot) in the wfe_download parameter to index.fpl.Referenceshttp://marc.info/?l=bugtraq&m=112501186602731&w=2
