SD Server Directory Traversal Vulnerability
BID:12609
Info
SD Server Directory Traversal Vulnerability
| Bugtraq ID: | 12609 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 21 2005 12:00AM |
| Updated: | Feb 21 2005 12:00AM |
| Credit: | Discovery of this vulnerability is credited to CorryL <[email protected]>. |
| Vulnerable: |
GD Software SD Server 4.0.70 |
| Not Vulnerable: |
GD Software SD Server 4.0.72 |
Discussion
SD Server Directory Traversal Vulnerability
A vulnerability has been identified in the handling of certain types of requests by SD Server. Because of this, it is possible for an attacker to gain access to potentially sensitive system files.
Read privileges granted to these files would be restricted by the permissions of the web server process.
A vulnerability has been identified in the handling of certain types of requests by SD Server. Because of this, it is possible for an attacker to gain access to potentially sensitive system files.
Read privileges granted to these files would be restricted by the permissions of the web server process.
Exploit / POC
SD Server Directory Traversal Vulnerability
No exploit is required, the following example is available:
http://www.example.com/../../../windows/repair/sam
No exploit is required, the following example is available:
http://www.example.com/../../../windows/repair/sam
Solution / Fix
SD Server Directory Traversal Vulnerability
Solution:
The vendor has released an update to address this vulnerability:
GD Software SD Server 4.0.70
Solution:
The vendor has released an update to address this vulnerability:
GD Software SD Server 4.0.70
-
GD Software SD Server 4.0.0.72
http://www.gdsoftware.dk/dl_file.asp?link=SDServer%204.0.0.72.zip