WQuinn DiskAdvisor 4.1 Directory Listing Disclosure Vulnerability
BID:1765
| Bugtraq ID: | 1765 |
| Class: | Design Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Oct 06 2000 12:00AM |
| Updated: | Oct 06 2000 12:00AM |
| Credit: | Posted to Bugtraq on September 28, 2000 by the Delphis Security Team <[email protected]>. |
| Vulnerable: | WQuinn DiskAdvisor 4.1 Build 455 |
| Not Vulnerable: | |
Discussion
Any user, including one without administrative or power user privileges, can read a complete listing of all known files and their physical locations on an NT system running WQuinn DiskAdvisor 4.1 by running a report through the application. The listing also includes a readout of administrative shares. However, the exploit does not give the user the ability to read the contents of the files.
Update (October 17, 2000): Although it was stated in the Delphis advisory that QuotaAdvisor was susceptible to this vulnerability, it is actually the product DiskAdvisor that is vulnerable.
Exploit / POC
See discussion.
Solution / Fix
Solution:
WQuinn is aware of the vulnerability and will be releasing a patch in the near future.
References
References:
- DiskAdvisor Product Homepage (WQuinn)