NetServe Web Server Directory Traversal and Admin Password Disclosure
2003-11-18T06:49:53
ID: OSVDB:2830, Type: osvdb, Reporter: OSVDB, Modified: 2003-11-18T06:49:53
Description
Vulnerability Description
NetServe Web Server contains a flaw that allows remote attackers to view the contents of any file the web server has access to. The flaw is due to the server not checking URL input for "../"-style directory traversal sequences. Using this traversal, a remote attacker can retrieve the web server config file (config.dat), which reveals important server configuration information as well as the administrative password.
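The missing check, sketched as an added example (not NetServe's code and not part of the original entry): a naive path join beside a document-root confinement check, run against the request paths from this entry's manual testing notes. The directory layout, function names and file contents are constructed for illustration, and the percent-encoded and backslash variants go beyond the plain "../" case the entry describes.

```python
import os
import tempfile
from urllib.parse import unquote

def naive_resolve(docroot, url_path):
    # Flawed pattern: the URL path is joined to the root with no "../" check.
    return os.path.normpath(os.path.join(docroot, url_path.lstrip("/")))

def safe_resolve(docroot, url_path):
    """Return the canonical file path, or None if it falls outside docroot."""
    root = os.path.realpath(docroot)
    # Decode first, then treat "\" as a separator (assumed Windows-style host).
    decoded = unquote(url_path).replace("\\", "/")
    candidate = os.path.realpath(os.path.join(root, decoded.lstrip("/")))
    # Compare canonical paths; a string prefix test would accept "wwwroot2".
    if os.path.commonpath([root, candidate]) != root:
        return None
    return candidate

def build_demo():
    """Constructed layout: <base>/config.dat next to <base>/wwwroot/."""
    base = os.path.realpath(tempfile.mkdtemp())
    docroot = os.path.join(base, "wwwroot")
    os.mkdir(docroot)
    with open(os.path.join(base, "config.dat"), "w") as fh:
        fh.write("admin_password=PLACEHOLDER\n")  # constructed content
    with open(os.path.join(docroot, "index.html"), "w") as fh:
        fh.write("<h1>ok</h1>\n")
    return base, docroot

# First entry is a normal request; the next three are the request paths from
# this entry's manual testing notes; the last two are added encoded variants.
REQUESTS = ["/index.html", "/../config.dat", "/../../../../boot.ini",
            "/../test/", "/%2e%2e/config.dat", "/..\\config.dat"]

def audit(docroot, paths=REQUESTS):
    """Map each request path to True (served) or False (rejected)."""
    return {p: safe_resolve(docroot, p) is not None for p in paths}

if __name__ == "__main__":
    base, docroot = build_demo()
    print("naive :", naive_resolve(docroot, "/../config.dat"))
    for path, served in audit(docroot).items():
        print("serve " if served else "reject", path)
```

Canonicalizing with `realpath` before the comparison also catches a symlink inside the document root that points outside it.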
Solution Description
Upgrade to version 1.08 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
References
Secunia Advisory ID: 10253
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2003-11/0189.html
ISS X-Force ID: 13776
Bugtraq ID: 9059
Manual Testing Notes
http://[victim]/../test/
http://[victim]/../../../../boot.ini
http://[victim]/../config.dat
Affected Software
WebServer 1.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, 1.0.5, 1.0.6, 1.0.7