AVM KEN! Arbitrary File Access

2000-04-15T00:00:00
ID OSVDB:1282
Type osvdb
Reporter eAX(eax@mad.scientist.com)
Modified 2000-04-15T00:00:00

Description

Vulnerability Description

KEN! contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the server not properly sanitizing user input, specifically directory traversal sequences (../../) supplied in the URI.

Solution Description

Upgrade to version 1.04.32 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

KEN! contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the server not properly sanitizing user input, specifically directory traversal sequences (../../) supplied in the URI.

Manual Testing Notes

http://[victim]:3128/../../../../../autoexec.bat

http://[victim]:3128/../../../../../windows/any_pwl_you_want.pwl
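As an added illustration (not code from the OSVDB record or from AVM), a web-root confinement check of the kind the description says KEN! lacked: the request path is percent-decoded once, backslashes are treated as separators (KEN! runs on Windows), and any `..` that would climb above the root is rejected rather than silently collapsed. The web root path and the sample requests other than the two testing URIs above are constructed.

```python
# Added example, not from the OSVDB record or from AVM: confine a request
# path to the web root, rejecting the traversal the advisory describes.
import posixpath
from urllib.parse import unquote

WEB_ROOT = "/srv/ken/www"   # constructed sample root, not KEN!'s real path

class TraversalRejected(ValueError):
    """Raised when a request would resolve outside the web root."""

def resolve_request_path(request_target, web_root=WEB_ROOT):
    """Map an HTTP request-target (e.g. '/docs/../index.html') onto a
    filesystem path under web_root, or raise TraversalRejected."""
    path = request_target.split("?", 1)[0]          # drop the query string
    # Decode percent-encoding exactly once, so %2e%2e%2f is seen as ../
    # while a double-encoded %252e stays a literal filename character.
    decoded = unquote(path)
    # KEN! runs on Windows, where '\' is also a separator; treat it as '/'.
    decoded = decoded.replace("\\", "/")
    if "\x00" in decoded:
        raise TraversalRejected("NUL byte in request path")
    parts = []
    for segment in decoded.split("/"):
        if segment in ("", "."):
            continue                                # empty or current dir
        if segment == "..":
            if not parts:
                # Reject, do not clamp: posixpath.normpath('/../x') -> '/x'
                raise TraversalRejected("request escapes the web root")
            parts.pop()
        else:
            parts.append(segment)
    return posixpath.join(web_root, *parts)

def check_request(request_target, web_root=WEB_ROOT):
    """Return the resolved path, or None when the request is rejected."""
    try:
        return resolve_request_path(request_target, web_root)
    except TraversalRejected:
        return None

if __name__ == "__main__":
    # Constructed sample requests; the first two are the advisory's tests.
    for target in ("/../../../../../autoexec.bat",
                   "/../../../../../windows/any_pwl_you_want.pwl",
                   "/%2e%2e/%2e%2e/windows/x.pwl",      # encoded traversal
                   "/..\\..\\autoexec.bat",            # backslash traversal
                   "/docs/../index.html?lang=en"):      # legitimate request
        print(f"{target!r:50} -> {check_request(target)}")
```

The check is purely lexical: it does not protect against symbolic links inside the web root that point elsewhere, which needs a separate filesystem-level check.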

References:

Vendor Specific Advisory URL
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2000-04/0073.html
Keyword: Directory Traversal
ISS X-Force ID: 4303
CVE-2000-0261
Bugtraq ID: 1103