Holtstraeter Rot 13 Enkrypt.PHP Directory Traversal Vulnerability

Bugtraq ID:	22997
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Mar 16 2007 12:00AM
Updated:	Mar 16 2007 12:00AM
Credit:	BorN To K!LL is credited with the discovery of this vulnerability.
Vulnerable:	holtstraeter ROT 13 0
Not Vulnerable:

Holtstraeter Rot 13 Enkrypt.PHP Directory Traversal Vulnerability

Holtstraeter Rot 13 is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input.

An attacker can exploit this vulnerability to retrieve the contents of arbitrary files from the vulnerable system in the context of the affected application. Information obtained may aid in further attacks.

Holtstraeter Rot 13 Enkrypt.PHP Directory Traversal Vulnerability

Attackers can use a browser to exploit this issue.

The following proof of concept is available:

http://www.example.com/enkrypt.php?datei=../../../../etc/passwd

Holtstraeter Rot 13 Enkrypt.PHP Directory Traversal Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].

Holtstraeter Rot 13 Enkrypt.PHP Directory Traversal Vulnerability

References:

• holtstraeter ROT 13 homepage (holtstraeter)
  
• Rot 13 <= (enkrypt.php) Remote File Disclosure Vulnerability ([email protected])