Home page logo
/

bugtraq logo Bugtraq mailing list archives

LocalWEB2000 Directory Traversal Vulnerability
From: SNS Research <vuln-dev () greyhack com>
Date: Fri, 19 Jan 2001 21:41:52 +0100

Strumpf Noir Society Advisories
! Public release !
<--#


-= LocalWEB2000 Directory Traversal Vulnerability =-

Release date: Friday, January 19, 2001


Introduction:

LocalWEB2000 is a HTTP server for the MS Windows suite of operating
systems. It's intended for use as an intranet server by small to
medium size companies.

LocalWEB2000 is availble from http://www.intranet-server.co.uk


Problem:

Adding the string "../" to an URL allows an attacker access to files
outside of the webserver's publishing directory. This allows read
access to any file on the server.

Example:

http://localhost:80/../../../autoexec.bat  reads the file
"autoexec.bat" from the partition's root dir (using default install).


(..)


Solution:

Vendor has been notified, the problem will be fixed in a future
release. This was tested against LocalWEB2000 v1.1.0.


yadayadayada

SNS Research is rfpolicy (http://www.wiretrip.net/rfp/policy.html)
compliant, all information is provided on AS IS basis.

EOF, but Strumpf Noir Society will return!


  By Date           By Thread  

Current thread:
  • LocalWEB2000 Directory Traversal Vulnerability SNS Research (Jan 22)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault