eFileGo Server Traversal Arbitrary Command Execution

2005-12-31T14:48:23
ID OSVDB:22151
Type osvdb
Reporter Dr_insane(dr_insane@pathfinder.gr)
Modified 2005-12-31T14:48:23

Description

Vulnerability Description

eFileGo contains a flaw that allows a remote attacker to execute programs outside of the web path. The issue is due to the eFileGo server not properly sanitizing user input, specifically traversal style attacks (../../) supplied to the server.
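The flaw above is a path-traversal bug: the server builds a file system path from the request URL without rejecting dot-segments, and the testing notes show the `.../` variant, which naive filters that only look for `..` miss. The following Python is an added example, not part of the advisory and not eFileGo's code; it shows the check a server should apply before touching the file system (decode, reject any dots-only segment, normalize, confirm the result stays under the web root) and a small detector that flags such requests in access-log lines. The web root path and the log lines are constructed for the example.

```python
import posixpath
import re
from urllib.parse import unquote

# Hypothetical web root for the example (constructed, not taken from the advisory).
WEBROOT = "/srv/efilego/www"

# A path segment made only of two or more dots ("..", "...", "....") is a
# traversal attempt. normpath() collapses only "..", which is exactly why
# variants such as ".../" get past filters that rely on normalization alone.
DOT_SEGMENT = re.compile(r"^\.{2,}$")

# Same idea applied to a whole path: a dots-only segment between separators.
TRAVERSAL_PATTERN = re.compile(r"(?:^|/)\.{2,}(?:/|$)")


def resolve_under_webroot(webroot, request_path):
    """Map a request path onto a file under webroot; return None if it escapes.

    1. URL-decode until stable, so %2e%2e and %252e%252e both become dots.
    2. Drop the query string; "cmd.exe?/c+dir" style arguments are never a file name.
    3. Reject any segment consisting only of dots (covers ".." and "...").
    4. Normalize and require the result to remain inside webroot.
    """
    decoded = request_path
    for _ in range(3):
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    decoded = decoded.replace("\\", "/").split("?", 1)[0]
    segments = [s for s in decoded.split("/") if s]
    if any(DOT_SEGMENT.match(s) for s in segments):
        return None
    root = webroot.rstrip("/")
    candidate = posixpath.normpath(posixpath.join(root, *segments)) if segments else root
    if candidate != root and not candidate.startswith(root + "/"):
        return None
    return candidate


def flag_traversal_requests(log_lines):
    """Return (line_number, decoded_path) for common-log-format lines whose
    request path contains a dots-only segment after URL decoding."""
    hits = []
    for n, line in enumerate(log_lines, 1):
        m = re.search(r'"(?:GET|POST|HEAD) (\S+)', line)
        if not m:
            continue
        path = unquote(unquote(m.group(1))).replace("\\", "/").split("?", 1)[0]
        if TRAVERSAL_PATTERN.search(path):
            hits.append((n, path))
    return hits


# Constructed sample access-log lines (not real traffic).
SAMPLE_LOG = [
    '10.0.0.5 - - [31/Dec/2005:14:48:23 +0000] "GET /index.html HTTP/1.1" 200 512',
    '10.0.0.9 - - [31/Dec/2005:14:48:24 +0000] "GET /.../.../.../windows/ HTTP/1.1" 200 0',
    '10.0.0.9 - - [31/Dec/2005:14:48:25 +0000] "GET /%2e%2e/%2e%2e/boot.ini HTTP/1.1" 404 0',
    '10.0.0.5 - - [31/Dec/2005:14:48:26 +0000] "GET /docs/readme.txt HTTP/1.1" 200 33',
]

if __name__ == "__main__":
    for req in ("/docs/readme.txt", "/.../.../.../windows/explorer.exe", "/%2e%2e/%2e%2e/boot.ini"):
        print(req, "->", resolve_under_webroot(WEBROOT, req))
    for n, path in flag_traversal_requests(SAMPLE_LOG):
        print("traversal attempt on log line", n, path)
```

The resolver rejects dots-only segments outright rather than trusting normalization, and then still verifies the normalized path against the web root as a second layer; the detector reuses the same rule so that what the server blocks and what the log review flags agree.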

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

eFileGo contains a flaw that allows a remote attacker to execute programs outside of the web path. The issue is due to the eFileGo server not properly sanitizing user input, specifically traversal style attacks (../../) supplied to the server.

Manual Testing Notes

http://[target]:608/.../.../.../.../.../windows/
http://[target]:608/.../.../.../.../.../.../windows/explorer.exe

http://[target]:608/.../.../.../.../.../.../.../windows/system32/cmd.exe?/c+dir

References:

Vendor URL: http://www.paqtool.com/
Security Tracker: 1015430
Secunia Advisory ID: 18279
Related OSVDB ID: 22152
Other Advisory URL: http://www.ipomonis.com/advisories/PaQFile_Share.txt
CVE ID: CVE-2005-4622
Bugtraq ID: 16124