Performance Guard Arbitrary File Read / Traversal

2013-08-29T00:00:00
ID PACKETSTORM:123013
Type packetstorm
Reporter Kerem Kocaer
Modified 2013-08-29T00:00:00

Description

                                        
Application Performance Guard  
Vendor CapaSystems  
Link http://www.capasystems.com/it-performance-monitorin  
  
Discovered by Kerem Kocaer <kerem.kocaer(at)gmail(dot)com>  
  
Problem  
-------  
Path traversal vulnerability in the "download logs" section allows remote attackers to read   
arbitrary files by intercepting and modifying the file path in an HTTP request to "uploadreader.jsp".  
  
The vulnerability is confirmed to exist in version 6.1.27. Other versions may also be vulnerable.  
  
Exploit  
-------  
This issue can be exploited with a web browser and a proxy tool to intercept and modify parameters   
sent to: http://[address]/logreader/uploadreader.jsp  
  
Fix  
---  
The vendor has reported fixing the problem in version 6.2.102.  
Bug Fix PG-8050 (http://capawiki.capasystems.com/display/pgdoc/PG+6.2.102)  
  
  
Timeline  
--------  
2013-05-16 Provided details to CapaSystems  
2013-06-07 Performance Guard version 6.2.102 released (with Bug fix PG-8050)  
  
  
Reference  
---------  
CVE Number: CVE-2013-5216  
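A containment check of the kind that closes this class of bug in a file-download handler, shown as an added example (it is not CapaSystems' code and not the PG-8050 fix). The class name LogPathGuard, the log directory and the sample file names are assumptions made for illustration.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;

public class LogPathGuard {
    private final Path baseDir; // canonical log directory (assumed location)

    public LogPathGuard(String logDir) throws IOException {
        // Resolve symlinks once so later comparisons use the real location.
        this.baseDir = Paths.get(logDir).toRealPath();
    }

    /** Returns the file to serve, or throws if the request leaves baseDir. */
    public Path resolve(String requested) throws IOException {
        if (requested == null || requested.isEmpty() || requested.indexOf('\0') >= 0) {
            throw new SecurityException("empty or malformed file name");
        }
        // resolve() returns an absolute argument unchanged; normalize()
        // folds "." and ".." segments before the containment check.
        Path candidate = baseDir.resolve(requested).normalize();
        if (!candidate.startsWith(baseDir)) {
            throw new SecurityException("path escapes log directory");
        }
        // toRealPath() follows symlinks and fails if the file does not exist,
        // so a link inside baseDir that points outside is caught here.
        Path real = candidate.toRealPath();
        if (!real.startsWith(baseDir) || !Files.isRegularFile(real)) {
            throw new SecurityException("not a regular file under log directory");
        }
        return real;
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample: a temp directory standing in for the log folder.
        Path dir = Files.createTempDirectory("pg-logs");
        Files.write(dir.resolve("agent.log"), "sample\n".getBytes());
        LogPathGuard guard = new LogPathGuard(dir.toString());
        String[] inputs = { "agent.log", "sub/../agent.log", "../../etc/passwd", "/etc/passwd" };
        for (String in : inputs) {
            try {
                System.out.println(in + " -> " + guard.resolve(in));
            } catch (SecurityException | IOException e) {
                System.out.println(in + " -> rejected (" + e.getClass().getSimpleName() + ")");
            }
        }
    }
}
```

The check runs on the resolved path rather than on the raw parameter, so encoded or nested traversal sequences that survive string filtering are still rejected once the servlet container has decoded them.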