Abyss Web Server Encoded Traversal Arbitrary File Access

2002-04-09T15:20:33
ID OSVDB:5237
Type osvdb
Reporter Jeremy Roberts(macaddy@msn.com)
Modified 2002-04-09T15:20:33

Description

Vulnerability Description

Abyss Web Server contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. By sending a specially crafted URL containing hexadecimal-encoded "dot dot" characters, a remote attacker could obtain the administrative configuration file, which contains the administrative password in plaintext, resulting in a loss of confidentiality.

Solution Description

Upgrade to version 1.0.3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Abyss Web Server contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. By sending a specially crafted URL containing hexadecimal-encoded "dot dot" characters, a remote attacker could obtain the administrative configuration file, which contains the administrative password in plaintext, resulting in a loss of confidentiality.

Manual Testing Notes

http://[victim]/cgi-bin/%2e%2e/abyss.conf
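
The flaw described above is a filter applied before decoding: a check for a literal ".." never sees "%2e%2e". As an added example (not part of the OSVDB record and not Abyss code), the script below does the check in the order a server must: percent-decode the request target, map it to the directory its URL prefix serves, normalise, and only then decide whether the result lies outside that directory. The directory layout under /opt/abyss, the helper names and the access-log lines are constructed assumptions for the example. It also generalises slightly beyond the advisory by decoding repeatedly, so a double-encoded "%252e%252e" is caught as well, while a harmless in-root ".." is left alone.

```python
"""Decode-then-normalise detection of encoded directory traversal.

Added example; the Abyss layout, alias map and log lines below are
assumptions constructed for illustration, not taken from the advisory.
"""
import posixpath
import re
from urllib.parse import unquote

# Assumed server layout: the document root and one URL-prefix alias.
DOC_ROOT = "/opt/abyss/htdocs"
ALIASES = {"/cgi-bin": "/opt/abyss/cgi-bin"}

# Constructed Common Log Format lines (not real traffic). The second one
# has the request shape quoted in the advisory's testing notes.
SAMPLE_LOG = """\
10.0.0.5 - - [09/Apr/2002:15:20:33 +0000] "GET /index.html HTTP/1.0" 200 512
10.0.0.7 - - [09/Apr/2002:15:21:02 +0000] "GET /cgi-bin/%2e%2e/abyss.conf HTTP/1.0" 200 1034
10.0.0.9 - - [09/Apr/2002:15:21:40 +0000] "GET /images/../logo.gif HTTP/1.0" 200 2048
10.0.0.9 - - [09/Apr/2002:15:22:11 +0000] "GET /docs/%252e%252e/%252e%252e/etc/passwd HTTP/1.0" 404 210
"""

REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/\d\.\d"')


def fully_decode(target: str, max_rounds: int = 3) -> str:
    """Percent-decode until the string stops changing.

    A server that decodes once and then filters can be fooled by double
    encoding (%252e -> %2e -> .), so the detector decodes up to max_rounds
    times. unquote() accepts both upper- and lower-case hex digits.
    """
    for _ in range(max_rounds):
        decoded = unquote(target)
        if decoded == target:
            break
        target = decoded
    return target


def map_request(target: str) -> tuple[str, str]:
    """Return (base directory, resolved filesystem path) for a request target.

    The query string is dropped, backslashes are treated as separators
    (the server runs on Windows too), the URL prefix is mapped through
    ALIASES or falls back to DOC_ROOT, and the result is normalised so
    every ".." segment is collapsed.
    """
    decoded = fully_decode(target.split("?", 1)[0]).replace("\\", "/")
    for prefix, directory in ALIASES.items():
        if decoded == prefix or decoded.startswith(prefix + "/"):
            base, rel = directory, decoded[len(prefix):]
            break
    else:
        base, rel = DOC_ROOT, decoded
    resolved = posixpath.normpath(posixpath.join(base, rel.lstrip("/")))
    return base, resolved


def escapes_mapped_dir(target: str) -> bool:
    """True when the normalised target lies outside the directory it maps to."""
    base, resolved = map_request(target)
    return not (resolved == base or resolved.startswith(base + "/"))


def scan_log(text: str) -> list[str]:
    """Return the request targets in an access log that escape their directory."""
    hits = []
    for line in text.splitlines():
        match = REQUEST_RE.search(line)
        if match and escapes_mapped_dir(match.group("target")):
            hits.append(match.group("target"))
    return hits


if __name__ == "__main__":
    for target in scan_log(SAMPLE_LOG):
        base, resolved = map_request(target)
        print(f"traversal: {target} -> {resolved} (outside {base})")
```

Running the script reports the encoded cgi-bin request, which resolves to /opt/abyss/abyss.conf outside the aliased directory, and the double-encoded one, while /images/../logo.gif normalises to a file inside the document root and is not reported. The same `escapes_mapped_dir` check, applied in the request handler before any file is opened, is the fix the advisory's upgrade provides in effect: decide on the decoded, normalised path rather than on the raw URL.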

References:

Vendor URL: http://www.aprelium.com/index.html
Vendor Specific Solution URL: http://www.aprelium.com/news/abws103.html
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2002-04/0110.html
ISS X-Force ID: 8805
CVE-2002-0543
Bugtraq ID: 4466