
WebServer 4 Everyone directory traversal



9th Sep 2002 [SBWID-5674]
COMMAND

	
		WebServer 4 Everyone directory traversal bug
	
	

SYSTEMS AFFECTED

	
		WebServer 4 Everyone Version: 1.22
	
	

PROBLEM

	
		From the UkR-XblP advisory of the UkR security team [http://ust.dp.ua]:
		

		The problem is caused by the character '\' (%5c), which is not checked as a bad
		character, so the server follows the path in the URI that the attacker
		gives until it reaches the requested file.
		

		Exploits:

		

		http://host/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cboot.ini

		

		or
		

		GET /\..\..\..\..\..\boot.ini HTTP/1.0

		

		The latter is a raw HTTP request that can be sent with telnet, because some
		browsers modify the "\.." characters.
	
	
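		The check the advisory says is missing, written as an added Python example
		(not code from the advisory or from WebServer 4 Everyone): percent-decode
		first, treat '\' as a separator just like '/', then refuse any request
		whose ".." segments would climb above the document root. The document
		root path and the function names are assumptions for the example.

```python
import posixpath
from urllib.parse import unquote

DOC_ROOT = "/srv/www/htdocs"   # hypothetical document root (assumption)


class TraversalError(ValueError):
    """Raised when a request path would escape the document root."""


def safe_path(raw_uri: str, doc_root: str = DOC_ROOT) -> str:
    """Map a raw request-URI path to a file path under doc_root, or raise.

    Decoding happens before any check, so %5c and %2e are seen as '\' and '.';
    '\' is then treated as a separator, which is the check WS4E 1.22 lacked.
    """
    path = raw_uri.split("?", 1)[0]           # ignore the query string
    decoded = unquote(path)                    # %5c -> '\', %2e -> '.'
    if "%" in decoded:                         # catch double-encoded input
        decoded = unquote(decoded)
    if "\x00" in decoded:
        raise TraversalError("NUL byte in request path")
    unified = decoded.replace("\\", "/")       # '\' and '/' are both separators
    stack = []                                 # resolved path segments
    for seg in unified.split("/"):
        if seg in ("", "."):
            continue
        if seg == "..":
            if not stack:                      # climbing above the root
                raise TraversalError(f"escapes document root: {raw_uri!r}")
            stack.pop()
        else:
            stack.append(seg)
    return posixpath.join(doc_root, *stack) if stack else doc_root


def is_safe(raw_uri: str) -> bool:
    """True when the request path stays inside the document root."""
    try:
        safe_path(raw_uri)
        return True
    except TraversalError:
        return False


def request_line_is_safe(line: str) -> bool:
    """Check the request-target of a raw HTTP/1.0 request line (e.g. from telnet)."""
    parts = line.strip().split(" ")
    if len(parts) != 3:
        return False
    return is_safe(parts[1])
```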

SOLUTION

	
	

