Motobit ASP Upload Manager Download.ASP Directory Traversal Vulnerability
BID:23757
Info
| Bugtraq ID: | 23757 |
| Class: | Input Validation Error |
| CVE: | CVE-2007-2486 |
| Remote: | Yes |
| Local: | No |
| Published: | May 02 2007 12:00AM |
| Updated: | May 07 2015 05:39PM |
| Credit: | Dj7xpl is credited with the discovery of this vulnerability. |
| Vulnerable: | Motobit Software Pure ASP File Upload 1.5; Motobit Software Pure ASP File Upload 1.3 |
| Not Vulnerable: | |
Discussion
Motobit ASP Upload Manager is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input.
A remote attacker can exploit this issue to retrieve the contents of arbitrary files in the context of the webserver process.
This issue affects ASP Upload Manager 1.3 and 1.5; other versions may also be affected.
Exploit / POC
Attackers can use a browser to exploit this issue.
The following proof-of-concept URIs are available:
http://www.example.com/download.asp?File=[File Path]&PT=[PostFix]
http://www.example.com/download.asp?File=../../../../etc/passwd&pt=zip
Solution / Fix
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
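With no vendor patch listed, requests shaped like the proof-of-concept URI can be flagged in web server logs by checking the `File` parameter of `download.asp` for parent-directory segments. The following is an added example, not part of the original advisory: the request lines are constructed samples, and the function names and the rule that legitimate `File` values are relative names are assumptions.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Constructed sample request lines (method and URI); not taken from real logs.
SAMPLE_REQUESTS = [
    "GET /download.asp?File=report.zip&PT=zip",
    "GET /download.asp?File=../../../../etc/passwd&pt=zip",
    "GET /download.asp?file=..%5C..%5Cetc%5Cpasswd&PT=zip",
    "GET /download.asp?File=%252e%252e%252fetc/passwd&PT=zip",
    "GET /upload/Download.ASP?File=docs/manual.pdf&PT=pdf",
    "GET /index.asp?File=../x",
]

def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so multiply-encoded input is normalised."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def is_traversal(file_param):
    """True if the value leaves the intended download directory."""
    path = fully_decode(file_param).replace("\\", "/")
    # Assumption: legitimate values are relative names, so an absolute
    # path or a drive letter is treated as suspicious as well.
    if path.startswith("/") or re.match(r"[A-Za-z]:", path):
        return True
    return ".." in path.split("/")

def suspicious_requests(lines):
    """Return the request lines whose File parameter traverses directories."""
    hits = []
    for line in lines:
        _method, _, uri = line.partition(" ")
        parts = urlsplit(uri)
        # ASP script and parameter names are matched case-insensitively.
        if not parts.path.lower().endswith("/download.asp"):
            continue
        for name, value in parse_qsl(parts.query, keep_blank_values=True):
            if name.lower() == "file" and is_traversal(value):
                hits.append(line)
                break
    return hits

if __name__ == "__main__":
    for hit in suspicious_requests(SAMPLE_REQUESTS):
        print("ALERT", hit)
```

The same `is_traversal` check can sit in front of the script (for example in a reverse proxy or request filter) to reject such requests until the application itself validates the parameter.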
References
References:
- Pure ASP File Upload Web Site (Motobit Software)