UltraBoard UltraBoard.pl Arbitrary File Access

2000-05-03T00:00:00
ID OSVDB:1309
Type osvdb
Reporter rudi carell (rudicarell@hotmail.com)
Modified 2000-05-03T00:00:00

Description

Vulnerability Description

UltraBoard contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the "UltraBoard.pl" script not properly sanitizing user input, specifically directory traversal sequences (../../) supplied via the "Post" variable.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Manual Testing Notes

Acceptable Variables:

Action=PrintableTopic
Post=[path_including_".."_to_any_file][NULLBYTE]
Board=[valid_board]
Idle=10
Sort=0
Order=Descend
Page=0
Session=
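
A log-review check for the request shape listed above, added here as an example (it is not code from OSVDB or the UltraBoard project): it flags UltraBoard.pl requests whose Post value decodes to a ".." path segment or a NUL byte, including double-encoded forms. The log format, sample lines, board name and function names are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed access-log lines; addresses, board and file names are placeholders.
SAMPLE_LOG = [
    '192.0.2.10 - - [03/May/2000:10:00:00 +0000] "GET /cgi-bin/UltraBoard.pl?Action=PrintableTopic&Post=42&Board=general&Idle=10&Sort=0&Order=Descend&Page=0&Session= HTTP/1.0" 200 5120',
    '192.0.2.77 - - [03/May/2000:10:02:11 +0000] "GET /cgi-bin/UltraBoard.pl?Action=PrintableTopic&Post=..%2F..%2F..%2Fplaceholder.conf%00&Board=general&Idle=10&Sort=0&Order=Descend&Page=0&Session= HTTP/1.0" 200 812',
    '192.0.2.77 - - [03/May/2000:10:02:40 +0000] "GET /cgi-bin/UltraBoard.pl?Action=PrintableTopic&Post=%252e%252e%255cplaceholder.txt&Board=general HTTP/1.0" 200 640',
    '192.0.2.10 - - [03/May/2000:10:05:00 +0000] "GET /cgi-bin/UltraBoard.pl?Action=PrintableTopic&Post=topic..1&Board=general HTTP/1.0" 200 4096',
    '192.0.2.10 - - [03/May/2000:10:06:00 +0000] "GET /cgi-bin/other.pl?Post=..%2Fx HTTP/1.0" 404 0',
]

def fully_decode(value, rounds=3):
    """Percent-decode repeatedly so double-encoded input is normalised."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def classify_post(value):
    """Return the reasons a Post value looks like a traversal attempt."""
    reasons = []
    decoded = fully_decode(value)
    if "\x00" in decoded:
        reasons.append("nul-byte")
    # Only a whole ".." path segment counts; "topic..1" is left alone.
    if ".." in re.split(r"[\\/]", decoded):
        reasons.append("dot-dot-segment")
    return reasons

def scan(lines):
    """Return (line_number, reasons) for suspicious UltraBoard.pl requests."""
    findings = []
    for number, line in enumerate(lines, 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        url = urlsplit(match.group(1))
        if not url.path.lower().endswith("/ultraboard.pl"):
            continue
        params = parse_qs(url.query, keep_blank_values=True)
        for value in params.get("Post", []):
            reasons = classify_post(value)
            if reasons:
                findings.append((number, reasons))
    return findings

if __name__ == "__main__":
    for number, reasons in scan(SAMPLE_LOG):
        print(f"line {number}: {', '.join(reasons)}")
```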

References:

Related OSVDB ID: 4065
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2000-05/0028.html
Keyword: Directory Traversal
ISS X-Force ID: 4408
CVE-2000-0332
Bugtraq ID: 1164