Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormRapid7PACKETSTORM:46471
HistoryMay 22, 2006 - 12:00 a.m.

Rapid7 Security Advisory 24

2006-05-2200:00:00
Rapid7
packetstormsecurity.com
20

0.007 Low

EPSS

Percentile

78.4%

JSON
`_______________________________________________________________________  
Rapid7 Security Advisory  
Visit http://www.rapid7.com/ to download NeXpose,  
SC Magazine Winner of Best Vulnerability Management product.  
_______________________________________________________________________  
  
Rapid7 Advisory R7-0024  
Caucho Resin Windows Directory Traversal Vulnerability  
  
Published: May 16, 2006  
Revision: 1.0  
http://www.rapid7.com/advisories/R7-0024.html  
  
CVE: CVE-2006-1953  
  
1. Affected system(s):  
  
KNOWN VULNERABLE:  
o Caucho Resin v3.0.18 for Windows  
o Caucho Resin v3.0.17 for Windows  
  
NOT VULNERABLE:  
o Caucho Resin v3.0.19  
o Caucho Resin v3.0.16 and earlier  
  
2. Summary  
  
The Caucho Resin web application server for Windows contains a  
directory traversal vulnerability that allows remote  
unauthenticated users to download any file from the system. It is  
possible to download files from any drive on the system.  
  
Rapid7 have updated NeXpose to check for this vulnerability. Licensed  
customers will receive the new vulnerability checks automatically.  
Visit http://www.rapid7.com to register for a free demo of NeXpose.  
  
3. Vendor status and information  
  
Caucho Technology, Inc.  
http://www.caucho.com/  
  
Caucho was notified of this vulnerability on April 20th, 2006.  
They fixed this vulnerability in the latest unofficial snapshot  
of Resin 3.0.19, available from Caucho's website.  
  
4. Solution  
  
Upgrade to the latest snapshot version of Resin, version 3.0.19.  
  
5. Detailed analysis  
  
Caucho Resin is a servlet and JSP server. Resin ships with its own  
standalone web server which runs by default on port 8080. Any remote  
user can request URLs of the form:  
  
http://victim:8080/C:%5C/  
  
to access the root of the C: drive (and any files below it). Any  
drive letter can be specified. Only Resin on Windows is vulnerable.  
  
This vulnerability appears to have been introduced in Resin  
version 3.0.17, although this has not been confirmed by the vendor.  
  
6. Contact Information  
  
Rapid7 Security Advisories  
Email: [email protected]  
Web: http://www.rapid7.com/  
Phone: +1 (617) 603-0700  
  
7. Disclaimer and Copyright  
  
Rapid7, LLC is not responsible for the misuse of the information  
provided in our security advisories. These advisories are a service  
to the professional security community. There are NO WARRANTIES  
with regard to this information. Any application or distribution of  
this information constitutes acceptance AS IS, at the user's own  
risk. This information is subject to change without notice.  
  
This advisory Copyright (C) 2006 Rapid7, LLC. Permission is  
hereby granted to redistribute this advisory, providing that no  
changes are made and that the copyright notices and disclaimers  
remain intact.  
  
`

Related

prion 1
cvelist 1
securityvulns 1
cve 1
nessus 1
prion
prion
Directory traversal
2006-05-17 10:06:00
cvelist
cvelist
CVE-2006-1953
2006-05-17 10:00:00
securityvulns
securityvulns
Caucho Resin Windows Directory Traversal Vulnerability
2006-05-17 00:00:00
cve
cve
CVE-2006-1953
2006-05-17 10:06:00
nessus
nessus
Resin for Windows Encoded URI Traversal Arbitrary File Access
2006-05-27 00:00:00

0.007 Low

EPSS

Percentile

78.4%

JSON
Related for PACKETSTORM:46471
prion1cvelist1securityvulns1cve1nessus1