Plug and Play Web Server Arbitrary File/Directory Access

2003-09-18T10:48:12
ID OSVDB:2164
Type osvdb
Reporter OSVDB
Modified 2003-09-18T10:48:12

Description

Vulnerability Description

Plug and Play Web Server contains a flaw that allows a remote attacker to read arbitrary files or directory contents outside of the web path. The issue is due to the server not properly sanitizing user input: directory traversal sequences (../../) supplied in the request URI are joined onto the web root without being confined to it, so the resulting path can resolve to any file the server process can read.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Manual Testing Notes

http://[victim]....\existing_file
http://[victim]/../../autoexec.bat
http://[victim]/../../windows/win.ini
http://[victim]/../../   [shows the files and folders in the C: drive if the 'Show Directory list when homepage does not exist' option is active]
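The following is an added illustration of the bug class behind these test cases; it is not code from Plug and Play Web Server (whose source is not available) and not from the referenced advisories. It shows the traversal-prone way of mapping a request URI onto a document root beside a confined version that percent-decodes, treats backslashes as separators (the entry's '....\' case), refuses dot-only segments, and then checks that the normalized result still lies under the web root. The web root and request paths are constructed for the example.

```python
"""Mapping a request URI to a filesystem path: traversal-prone vs. confined.

Added example for OSVDB:2164, not vendor code. WEB_ROOT and the request
paths used below are constructed for illustration.
"""
import posixpath
from urllib.parse import unquote

WEB_ROOT = "/srv/www/htdocs"  # assumed document root


def naive_map(web_root, uri_path):
    """Vulnerable: concatenates the request path onto the root as-is.

    '/../../autoexec.bat' becomes '/srv/www/htdocs/../../autoexec.bat',
    which the operating system resolves to '/srv/autoexec.bat'.
    """
    return web_root + uri_path


def hardened_map(web_root, uri_path):
    """Return the filesystem path for uri_path, or None if it must be refused.

    1. Percent-decode, so '%2e%2e' and '%5c' are seen as '..' and '\\'.
    2. Treat '\\' as a separator, matching the entry's '....\\file' case.
    3. Refuse NUL bytes and dot-only segments of three or more dots
       ('...', '....'); these are not POSIX '..' but some old Windows
       servers collapsed them into one, so they are rejected outright.
    4. Normalize and require the result to equal the root or sit under it.
    """
    decoded = unquote(uri_path).replace("\\", "/")
    if "\x00" in decoded:
        return None
    for seg in decoded.split("/"):
        if len(seg) >= 3 and set(seg) == {"."}:
            return None
    root = posixpath.normpath(web_root)
    candidate = posixpath.normpath(posixpath.join(root, decoded.lstrip("/")))
    if candidate != root and not candidate.startswith(root + "/"):
        return None  # escaped the document root
    return candidate


def map_entry_test_cases():
    """Run the entry's manual test URIs plus two benign ones through both mappers."""
    uris = [
        "/index.html",
        "/docs/../index.html",      # '..' that stays inside the root is fine
        "/../../autoexec.bat",
        "/../../windows/win.ini",
        "/../../",
        "/..%2F..%2Fwindows/win.ini",  # percent-encoded separators
        "/....\\existing_file",
    ]
    return {u: (naive_map(WEB_ROOT, u), hardened_map(WEB_ROOT, u)) for u in uris}


if __name__ == "__main__":
    for uri, (naive, hardened) in map_entry_test_cases().items():
        print(f"{uri:32} naive={naive:45} hardened={hardened}")
```

After this check a real server should still resolve the final path with os.path.realpath() and re-run the containment test, since a symlink inside the web root can point outside it; that step is omitted here so the example runs without touching the filesystem. Note that the confined mapper does not merely strip "../" sequences (an approach that leaves "...." and encoded variants behind); it normalizes the whole path and tests where it ends up.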

References:

Vendor URL: http://www.pandpsoftware.com
Secunia Advisory ID: 9778
Other Advisory URL: http://packetstormsecurity.nl/0309-exploits/pandpdt.txt
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2003-09/0297.html
Keyword: Directory Traversal
ISS X-Force ID: 13233
Bugtraq ID: 8645