Hosting Controller FolderManager.ASPX Directory Traversal Vulnerability
BID:21786
Info
| Bugtraq ID: | 21786 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 27 2006 12:00AM |
| Updated: | Jan 04 2007 06:26PM |
| Credit: | KAPDA is credited with the discovery of this vulnerability. |
| Vulnerable: | Hosting Controller Hosting Controller 7C |
| Not Vulnerable: | |
Discussion
Hosting Controller is prone to a directory-traversal vulnerability because the application fails to properly sanitize user-supplied input.
An attacker can exploit this issue to modify or retrieve arbitrary files in the context of the webserver process. This may aid in further attacks.
This issue affects version 7C; earlier versions may also be vulnerable.
Exploit / POC
Attackers can exploit this issue via a web client.
The following proof-of-concept URI is available:
http://www.example.com/FolderManager/FolderManager.aspx?BrowseLevel=1&BrowsePath=[SITE NORMAL PATH]\..\..\..\..\program%20files
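A log check for the request shape shown in the proof-of-concept URI, as an added example (not part of the original advisory or of Hosting Controller's code): it flags FolderManager.aspx requests whose BrowsePath, once percent-decoded, contains a `..` path segment. The log field layout, sample paths and function names are assumptions, and the log lines are constructed.

```python
from urllib.parse import parse_qsl, unquote

TARGET_STEM = "/foldermanager/foldermanager.aspx"

# Constructed sample lines (not from the advisory). Assumed field order:
# date time client-ip method uri-stem uri-query status
SAMPLE_LOG = r"""
2006-12-27 10:00:01 192.0.2.10 GET /FolderManager/FolderManager.aspx BrowseLevel=1&BrowsePath=D:\sites\user1\docs 200
2006-12-27 10:00:07 192.0.2.44 GET /FolderManager/FolderManager.aspx BrowseLevel=1&BrowsePath=D:\sites\user1\..\..\..\..\program%20files 200
2006-12-27 10:00:09 192.0.2.44 GET /foldermanager/foldermanager.aspx BrowsePath=D:%5Csites%5Cuser1%5C%2e%2e%5C%2e%2e 200
2006-12-27 10:00:12 192.0.2.10 GET /FolderManager/FolderManager.aspx BrowsePath=D:\sites\user1\notes..old 200
2006-12-27 10:00:15 192.0.2.10 GET /default.aspx BrowsePath=..\.. 200
""".strip().splitlines()

def fully_decode(value, rounds=3):
    """Percent-decode until stable so layered encoding is normalised first."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def browse_path_traversal(stem, query):
    """True when a FolderManager.aspx request has a '..' segment in BrowsePath."""
    if stem.lower() != TARGET_STEM:
        return False
    # parse_qsl decodes once; parameter names are matched case-insensitively.
    for name, value in parse_qsl(query, keep_blank_values=True):
        if name.lower() == "browsepath":
            # Treat '/' and '\' alike, then compare whole segments so a
            # file name such as 'notes..old' is not reported.
            segments = fully_decode(value).replace("/", "\\").split("\\")
            if any(seg.strip() == ".." for seg in segments):
                return True
    return False

def flag_requests(lines):
    """Return (client_ip, raw_query) for every log line that matches."""
    hits = []
    for line in lines:
        fields = line.split()
        if len(fields) >= 7 and browse_path_traversal(fields[4], fields[5]):
            hits.append((fields[2], fields[5]))
    return hits

if __name__ == "__main__":
    for ip, query in flag_requests(SAMPLE_LOG):
        print(ip, query)
```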
Solution / Fix
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
References:
- [KAPDA::#63] - Hosting Controller 7c (Build No. 7.00.0003) (KAPDA)
- Hosting Controller Homepage (Hosting Controller)