Web Forum Server Traversal Arbitrary File Access

2004-11-02T08:30:01
ID OSVDB:11387
Type osvdb
Reporter R00tCr4ck (root@cyberspy.org)
Modified 2004-11-02T08:30:01

Description

Vulnerability Description

Web Forum Server contains a flaw that allows a remote attacker to view files outside of the web path. The issue is due to Web Forum Server not properly sanitizing user input, specifically directory traversal sequences (../../) supplied in the URL.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Manual Testing Notes

http://[victim]/......\file.ext
http://[victim]/../../../file.ext
http://[victim]/%2E%2E%5C%2E%2E%5C%2E%2E%5Cfile.ext
http://[victim]/%2E%2E%2F%2E%2E%2F%2E%2E%2Ffile.ext
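
A server-side path check that refuses the four request forms listed under Manual Testing Notes, given as an added example (it is not code from Web Forum Server or from the advisory). `WEB_ROOT`, `resolve_request_path`, `TraversalRejected` and `is_rejected` are hypothetical names, and the document root is an assumed value.

```python
import posixpath
from urllib.parse import unquote

WEB_ROOT = "/srv/forum/htdocs"  # assumed document root, not from the advisory

# Path parts of the four request forms in the advisory (host removed).
ADVISORY_PATHS = [
    r"/......\file.ext",
    "/../../../file.ext",
    "/%2E%2E%5C%2E%2E%5C%2E%2E%5Cfile.ext",
    "/%2E%2E%2F%2E%2E%2F%2E%2E%2Ffile.ext",
]


class TraversalRejected(ValueError):
    """Raised when a request path would resolve outside the document root."""


def resolve_request_path(raw_path, web_root=WEB_ROOT):
    """Map the path part of a request URL to a file path under web_root."""
    root = posixpath.normpath(web_root)
    # Decode first so %2E%2E%2F and %2E%2E%5C are checked in decoded form.
    decoded = unquote(raw_path)
    # Strict policy: leftover escapes (double encoding) or NUL are refused.
    if "%" in decoded or "\x00" in decoded:
        raise TraversalRejected(raw_path)
    # Backslash is a separator for Windows file APIs, so treat it as one.
    segments = [s for s in decoded.replace("\\", "/").split("/") if s]
    for seg in segments:
        # Refuse "..", "...", "......": any segment made only of dots.
        if len(seg) > 1 and seg.strip(".") == "":
            raise TraversalRejected(raw_path)
    clean = [s for s in segments if s != "."]
    candidate = posixpath.normpath(posixpath.join(root, *clean))
    # Containment check on the normalised result. A real server would also
    # resolve symlinks (os.path.realpath) before this comparison.
    if posixpath.commonpath([root, candidate]) != root:
        raise TraversalRejected(raw_path)
    return candidate


def is_rejected(raw_path):
    """True when resolve_request_path refuses the request path."""
    try:
        resolve_request_path(raw_path)
    except TraversalRejected:
        return True
    return False
```
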

References:

Vendor URL: http://www.minihttpserver.net
Security Tracker: 1012048
Secunia Advisory ID: 13078
Related OSVDB ID: 11388
Mail List Post: http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0019.html
CVE-2004-1496