UltraBoard UltraBoard.cgi Arbitrary File Access

2000-05-03T00:00:00
ID OSVDB:4065
Type osvdb
Reporter OSVDB
Modified 2000-05-03T00:00:00

Description

Vulnerability Description

UltraBoard contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the "UltraBoard.cgi" script not properly sanitizing user input, specifically directory traversal sequences (../../) supplied via the "Post" variable.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Manual Testing Notes

Acceptable Variables:

Action=PrintableTopic
Post=[path_including_".."_to_any_file][NULLBYTE]
Board=[valid_board]
Idle=10
Sort=0
Order=Descend
Page=0
Session=
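
A defensive check for the request shape noted above, added here as an example; it is not part of the OSVDB entry or of UltraBoard's code. It percent-decodes the "Post" parameter of logged request targets (including double encoding) and flags ".." path segments and NUL bytes. The /cgi-bin/ prefix, board name and file names in the sample are constructed assumptions.

```python
from urllib.parse import unquote, unquote_to_bytes, urlsplit

# Constructed request targets (not from a real log). The /cgi-bin/ prefix,
# board name and file names are assumptions made for this example.
SAMPLE_REQUESTS = [
    "/cgi-bin/UltraBoard.cgi?Action=PrintableTopic&Post=42&Board=general&Idle=10",
    "/cgi-bin/UltraBoard.cgi?Action=PrintableTopic&Post=..%2F..%2Fsome%2Ffile%00&Board=general",
    "/cgi-bin/UltraBoard.cgi?Action=PrintableTopic&Post=%252e%252e%252fsome%252ffile&Board=general",
    "/cgi-bin/UltraBoard.cgi?Action=PrintableTopic&Post=7..8&Board=general",
]

def decode_fully(raw, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input is judged in its final form."""
    data = raw.encode("utf-8")
    for _ in range(max_rounds):
        decoded = unquote_to_bytes(data)
        if decoded == data:
            break
        data = decoded
    return data

def post_values(target):
    """Yield the raw (still encoded) value of every Post parameter in a request target."""
    for pair in urlsplit(target).query.split("&"):
        name, _, value = pair.partition("=")
        if unquote(name) == "Post":
            yield value

def inspect_post(value):
    """Return the reasons a Post value is suspicious; an empty list means clean."""
    data = decode_fully(value)
    findings = []
    # A file API that stops at NUL only sees the bytes before it.
    path = data.split(b"\x00", 1)[0].replace(b"\\", b"/")
    if b".." in path.split(b"/"):
        findings.append("traversal")
    if b"\x00" in data:
        findings.append("null-byte")
    return findings

def scan(targets):
    """Return (target, findings) for each request whose Post value is suspicious."""
    pairs = ((t, inspect_post(v)) for t in targets for v in post_values(t))
    return [(t, f) for t, f in pairs if f]

if __name__ == "__main__":
    for target, findings in scan(SAMPLE_REQUESTS):
        print(",".join(findings), target)
```

Matching on whole path segments keeps a value such as 7..8 from being flagged, while the NUL check catches the suffix-truncation trick the testing notes mention.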

References:

Related OSVDB ID: 1309
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2000-05/0028.html
Keyword: Directory Traversal
ISS X-Force ID: 4408
CVE-2000-0332
Bugtraq ID: 1164