Directory Traversal Attack
A directory traversal (or path traversal) consists in exploiting insufficient security validation / sanitization of user-supplied input file names, so that characters representing "traverse to parent directory" are passed through to the file APIs.
The goal of this attack is to order an application to access a computer file that is not intended to be accessible. This attack exploits a lack of security (the software is acting exactly as it is supposed to) as opposed to exploiting a bug in the code.
Directory traversal is also known as the ../ (dot dot slash) attack, directory climbing, and backtracking. Some forms of this attack are also canonicalization attacks.
Read more about Directory Traversal Attack: Example, Possible Methods To Prevent Directory Traversal
Famous quotes containing the words directory and/or attack:
“An actor who knows his business ought to be able to make the London telephone directory sound enthralling.”
—Donald Sinden (b. 1923)
“Conventionality is not morality. Self-righteousness is not religion. To attack the first is not to assail the last. To pluck the mask from the face of the Pharisee is not to lift an impious hand to the Crown of Thorns.”
—Charlotte Brontë (1816–1855)