Lucene search
K

keeneTraversal102.txt

🗓️ 31 Aug 2004 00:00:00Reported by James BercegayType 
packetstorm
 packetstorm
🔗 packetstormsecurity.com👁 22 Views

Keene Digital Media Server has a directory traversal vulnerability allowing access to server logs.

Code
`##########################################################  
# GulfTech Security Research August, 25th 2004  
##########################################################  
# Vendor : Keene Software  
# URL : http://www.keenesoftware.com  
# Version : Keene Digital Media Server 1.0.2  
# Risk : Directory Traversal Vulnerability  
##########################################################  
  
Description:  
Keene Digital Media Server is an easy and affordable way to   
share all things digital with friends, family, and customers   
over your broadband connection. DMS turns your computer into   
a highly secure Web server that automatically converts your   
files and folders into Web pages, thumbnails, and media shows   
with no Web programming required. Integrated user and file   
access security management provide the ultimate control over   
your content.  
  
  
Directory Traversal Vulnerability:  
Not too long ago I saw there was a directory traversal vuln  
found in Keene Digital Media Server. it was fixed by the  
developers, but  
  
http://localhost/%2E%2E%5Csystem.log  
  
It seems that only ../ and %2E%2E/ were filtered out. If you  
hex encode the backslash or use a forward slash you can then  
traverse out of the web directory. For example I am able to  
grab the server log file with the above request.  
  
  
  
Related Info:  
The original advisory can be found at the following location  
http://www.gulftech.org/?node=research&article_id=00046-08252004  
  
  
  
Solution:  
I contacted the developers but never received a response.  
  
  
  
Credits:  
James Bercegay of the GulfTech Security Research Team  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation