Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!

TUCoPS :: Web :: Apps :: txn-012.txt

directorypro.cgi directory traversal exploit

Tuxtendo Security Advisory
(c) 2001 Tuxtendo
WWW   :

1. Program information
Program Name    : directorypro.cgi
Description     : CGI script
Vendor          : unknown
Program purpose : directorypro.cgi is a CGI script to index and view files in directory structures.
Bug Found by    : Marshal (la~onda) ( )
Tuxtendo ID     : TXN-0108-2001-TX02
Date            : 01-08-2001

2. Problem Description
directorypro.cgi contains two problems.
It allows directory traversal and allows to terminate the pre-set prefix bij adding %00 to
the end of your request.

Normally directorypro.cgi adds a set prefix to the file your requested but you can evade this by
adding %00 to the end of your request. %00 is the NULL character and prevents directorypro.cgi
from reading further in the buffer.

3. Exploit


4. Solution
Use another script, check out for other scripts.

5. Vendor status
Vendor was not contacted but replied on my post to
bugtraq (05/27/2001, "directorypro.cgi , directory traversal"),
stating he would fix the problem.

The vendor was not contacted because we couldn't find more information about
the script what would lead us to the vendor.

This advisory does not claim to be complete or to be usable for any purpose.
Especially information on the vulnerable systems may be inaccurate 
Possibly supplied exploit code is not to be used for malicious , but for educational
purposes only.
This advisory is free for open distribution in unmodified form.
Articles that are based on information from this advisory should include link to
For more information regarding this 
bug or other information E-Mail:

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH