Directory Traversal Attack
A directory traversal (or path traversal) consists in exploiting insufficient security validation / sanitization of user-supplied input file names, so that characters representing "traverse to parent directory" are passed through to the file APIs.
The goal of this attack is to order an application to access a computer file that is not intended to be accessible. This attack exploits a lack of security (the software is acting exactly as it is supposed to) as opposed to exploiting a bug in the code.
Directory traversal is also known as the ../ (dot dot slash) attack, directory climbing, and backtracking. Some forms of this attack are also canonicalization attacks.
Read more about Directory Traversal Attack: Example, Possible Methods To Prevent Directory Traversal
Famous quotes containing the words directory and/or attack:
“An actor who knows his business ought to be able to make the London telephone directory sound enthralling.”
—Donald Sinden (b. 1923)
“We attack not only to hurt someone, to defeat him, but perhaps also simply to become conscious of our own strength.”
—Friedrich Nietzsche (1844–1900)