QwikiWiki Remote Directory Traversal Vulnerability
BID:12163
Info
QwikiWiki Remote Directory Traversal Vulnerability
| Bugtraq ID: | 12163 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 04 2005 12:00AM |
| Updated: | Jan 04 2005 12:00AM |
| Credit: | Madelman <[email protected]> disclosed this vulnerability. |
| Vulnerable: |
David Barrett QwikiWiki 1.4.1 |
| Not Vulnerable: | |
Discussion
QwikiWiki Remote Directory Traversal Vulnerability
QwikiWiki is reportedly susceptible to a remote directory traversal vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied input.
A malicious user could issue a request containing directory traversal strings such as '..' to possibly view files outside the server root directory or the Web mail user's normal access rights. This would be in the context of the server, so only files that would normally be accessible to the server would be exposed. This could lead to a loss of integrity and/or confidentiality. Information gathered could also be used to enhance other avenues of attack on the underlying system.
Version 1.4.1 of QwikiWiki is reported to be susceptible. Other versions may also be affected.
QwikiWiki is reportedly susceptible to a remote directory traversal vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied input.
A malicious user could issue a request containing directory traversal strings such as '..' to possibly view files outside the server root directory or the Web mail user's normal access rights. This would be in the context of the server, so only files that would normally be accessible to the server would be exposed. This could lead to a loss of integrity and/or confidentiality. Information gathered could also be used to enhance other avenues of attack on the underlying system.
Version 1.4.1 of QwikiWiki is reported to be susceptible. Other versions may also be affected.
Exploit / POC
QwikiWiki Remote Directory Traversal Vulnerability
An exploit is not required. Examples sufficient to demonstrate this vulnerability are provided:
http://www.example.com/qwiki/index.php?page=../_config.php%00
http://www.example.com/qwiki/index.php?page=../../../../../../etc/passwd%00
An exploit is not required. Examples sufficient to demonstrate this vulnerability are provided:
http://www.example.com/qwiki/index.php?page=../_config.php%00
http://www.example.com/qwiki/index.php?page=../../../../../../etc/passwd%00
Solution / Fix
QwikiWiki Remote Directory Traversal Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
QwikiWiki Remote Directory Traversal Vulnerability
References:
References:
- QwikiWiki Home Page (David Barrett)
- QWikiwiki directory traversal vulnerability (Madelman
)