Directory traversal vulnerability in RobTex Viking Web server before 1.07-381 allows remote attackers to read arbitrary files via a hexadecimal encoded dot-dot attack (eg. http://www.server.com/%2e%2e/%2e%2e) in an HTTP URL request.

References

• https://nvd.nist.gov/vuln/detail/CVE-2001-0674
• https://exchange.xforce.ibmcloud.com/vulnerabilities/6394
• http://www.robtex.com/viking/bugs.htm
• http://www.securityfocus.com/archive/1/177231