


Alibaba 2.0 Read Arbitrary Files



Vulnerability

    Alibaba (httpd)

Affected

    Alibaba 2.0

Description

    Arne Vidstrom found the following: a security hole in the web server
    Alibaba 2.0 (the latest version at the time of writing). Other versions
    were not tested. Here is an example. If you install it so that the web
    root is located in c:\alibaba\HtmlDocs\, you can send the URL:

        http://www.server.se/../../winnt/file.txt

    and get the file "file.txt". This works anywhere on the disk Alibaba is
    installed on. If directory browsing isn't allowed you have to know the
    pathname of the file you want. If directory browsing is allowed you can
    start at the root directory of the disk, but you have to enter the
    directories by hand while browsing, because the server will assume
    they are located in the web root, so if you just click around all
    you'll get is lots of 404s.
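    The check Alibaba 2.0 is missing, as an added example written for this
    page (it is not Alibaba's code): the requested URL path is decoded,
    joined onto the document root, canonicalised, and refused unless the
    result still lies under the root. The document root is the one from the
    advisory; ntpath is used so the Windows-style paths resolve the same way
    on any platform. Sample requests are constructed for illustration.

```python
import ntpath
from typing import Optional
from urllib.parse import unquote

# Document root from the advisory (Windows path; ntpath handles it on any OS)
WEB_ROOT = r"c:\alibaba\HtmlDocs"


def resolve_request_path(url_path: str, web_root: str = WEB_ROOT) -> Optional[str]:
    """Map a URL path onto the filesystem, refusing anything outside web_root.

    Returns the canonical filesystem path for a request that stays inside
    the document root, or None for a request that would escape it (the
    ../../winnt/file.txt case above). url_path is the path part only, no
    query string.
    """
    # Decode percent-encoding first so "%2e%2e" is treated exactly like ".."
    decoded = unquote(url_path)
    # Drop leading separators so the join lands under web_root, not at the drive root
    relative = decoded.lstrip("/\\")
    # normpath collapses "." and ".." segments and folds "/" into "\"
    root = ntpath.normpath(web_root)
    candidate = ntpath.normpath(ntpath.join(root, relative))
    # Windows paths are case-insensitive; compare with a trailing separator so
    # a sibling such as c:\alibaba\HtmlDocs2 cannot pass as a prefix match
    root_cmp = root.lower()
    cand_cmp = candidate.lower()
    if cand_cmp == root_cmp or cand_cmp.startswith(root_cmp + ntpath.sep):
        return candidate
    return None


def classify_requests(paths):
    """Return {url_path: resolved_path_or_None} for a batch of request paths."""
    return {p: resolve_request_path(p) for p in paths}


if __name__ == "__main__":
    # Constructed sample requests: the advisory's traversal plus benign lookups
    for url, resolved in classify_requests([
        "/index.html",
        "/docs/../index.html",
        "/../../winnt/file.txt",
        "/%2e%2e/%2e%2e/winnt/file.txt",
    ]).items():
        print(f"{url:35} -> {'REJECT' if resolved is None else resolved}")
```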

Solution

    The next release should fix this.


Site design & layout copyright © 1986-2014 AOH