Technote print.cgi Arbitrary File Access

2000-12-23T07:40:59
ID OSVDB:6327
Type osvdb
Reporter rasp(bt@spitzner.org)
Modified 2000-12-23T07:40:59

Description

Vulnerability Description

Technote contains a flaw that allows a remote attacker to view arbitrary files outside of the web path. The issue is due to the print.cgi script not properly sanitizing user input, specifically traversal style attacks (../../) supplied via the "board" variable.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

Technote contains a flaw that allows a remote attacker to view arbitrary files outside of the web path. The issue is due to the print.cgi script not properly sanitizing user input, specifically traversal style attacks (../../) supplied via the "board" variable.

Manual Testing Notes

http://[victim]/~user/technote/technote/print.cgi?board=../../../../../../../../etc/passwd%00

References:

Vendor URL: http://www.technote.co.kr/ Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2000-12/0459.html Keyword: Directory Traversal ISS X-Force ID: 5815 CVE-2001-0074 Bugtraq ID: 2155