dcam webcam server personal Web server 8.2.5 - Directory Traversal Vulnerability

2003-12-22T00:00:00
ID EDB-ID:23461
Type exploitdb
Reporter Luigi Auriemma
Modified 2003-12-22T00:00:00

Description

DCAM WebCam Server Personal Web Server 8.2.5 Directory Traversal Vulnerability. Remote exploit for windows platform

                                        
                                            source: http://www.securityfocus.com/bid/9273/info

It has been reported that the Personal Web Server of DCAM WebCam Server may be prone to a directory traversal vulnerability that may allow a remote attacker to traverse outside the server root directory by using '.\' character sequences.

DCAM WebCam server versions 8.2.5 and prior are reported to be prone to this issue.

http://www.example.com/.\.\.\.\/windows/system.ini
http://www.example.com/.\.\.\.\.\.\.\.\.\.\/windows/system.ini