FastStone 4in1 Browser Web Server Remote Directory Traversal Vulnerability
BID:12937
Info
FastStone 4in1 Browser Web Server Remote Directory Traversal Vulnerability
| Bugtraq ID: | 12937 |
| Class: | Input Validation Error |
| CVE: |
CVE-2005-0950 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 29 2005 12:00AM |
| Updated: | Jul 12 2009 11:56AM |
| Credit: | Discovery of this vulnerability is credited to "Donato Ferrante" <[email protected]>. |
| Vulnerable: |
FastStone 4in1 Browser 1.2 |
| Not Vulnerable: |
FastStone 4in1 Browser 1.3 |
Discussion
FastStone 4in1 Browser Web Server Remote Directory Traversal Vulnerability
A vulnerability has been identified in the handling of certain types of requests by the 4in1 Browser Web server. Because of this, it is possible for an attacker to gain access to potentially sensitive system files.
This issue could be exploited to gain read access to files on a host using the vulnerable software. Read privileges granted to these files would be restricted by the permissions of the web server process.
This vulnerability is reported to affect FastStone 4in1 Browser version 1.2, previous versions might also be affected.
A vulnerability has been identified in the handling of certain types of requests by the 4in1 Browser Web server. Because of this, it is possible for an attacker to gain access to potentially sensitive system files.
This issue could be exploited to gain read access to files on a host using the vulnerable software. Read privileges granted to these files would be restricted by the permissions of the web server process.
This vulnerability is reported to affect FastStone 4in1 Browser version 1.2, previous versions might also be affected.
Exploit / POC
FastStone 4in1 Browser Web Server Remote Directory Traversal Vulnerability
No exploit is required, the following examples are available:
http://www.example.com/.../.../.../.../.../.../windows/system.ini
http://www.example.com/..\..\..\..\..\..\..\..\windows/system.ini
No exploit is required, the following examples are available:
http://www.example.com/.../.../.../.../.../.../windows/system.ini
http://www.example.com/..\..\..\..\..\..\..\..\windows/system.ini
Solution / Fix
FastStone 4in1 Browser Web Server Remote Directory Traversal Vulnerability
Solution:
It is reported that this issue is addressed in FastStone 4in1 Browser version 1.3. This is not confirmed.
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
It is reported that this issue is addressed in FastStone 4in1 Browser version 1.3. This is not confirmed.
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
FastStone 4in1 Browser Web Server Remote Directory Traversal Vulnerability
References:
References:
- FastStone 4in1 Browser Homepage (FastStone Soft)
- directory traversal in FastStone 4in1 Browser 1.2 ("Donato Ferrante"