TYPO3 Permissions Privileges and Access Controls Vulnerability - CVE-2008-2717
Reference:
CVE-2008-2717
Title:
TYPO3 Permissions Privileges and Access Controls Vulnerability
Overview:
TYPO3 4.0.x before 4.0.9 4.1.x before 4.1.7 and 4.2.x before 4.2.1 uses an insufficiently restrictive default fileDenyPattern for Apache which allows remote attackers to bypass security restrictions and upload configuration files such as .htaccess or conduct file upload attacks using multiple extensions.