W3C Amaya Templates Server Directory Traversal Vulnerability
BID:2504
Info
| Bugtraq ID: | 2504 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 13 2001 12:00AM |
| Updated: | Feb 13 2001 12:00AM |
| Credit: | Posted to BugTraq on Feb. 13, 2001 by Tom Parker <[email protected]>. |
| Vulnerable: | W3C templates server for Amaya 1.1 |
| Not Vulnerable: | |
Discussion
W3C's Amaya is a WYSIWYG web browser and authoring program. A complementary package, the templates server, provides the ability to retrieve templates from an Apache web server for use in Amaya-based authoring. One of the scripts used by the Amaya templates server, sendtemp.pl, is vulnerable to a simple directory traversal that allows file retrieval. Using this script, an attacker can view the contents of directories outside the configured template directory, limited only by the restrictions on the Apache web server process.
Exploit / POC
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Solution:
Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
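With no vendor patch listed, one way to check whether the script is being probed is to scan the Apache access log for sendtemp.pl requests whose query values contain a ".." path segment, including percent-encoded, double-encoded and backslash forms. The following is an added example, not code from W3C or from the original advisory; the /cgi-bin/ location and the "name" parameter in the sample log are hypothetical placeholders.

```python
import re
from urllib.parse import urlsplit, unquote

# Request target and status code from an Apache common/combined log entry.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+" (\d{3})')
SCRIPT = "sendtemp.pl"  # script named in the advisory

def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input (%252e) is seen in clear."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def is_traversal(query):
    """True if any query value contains a '..' path segment after decoding."""
    text = fully_decode(query).replace("\\", "/")
    for pair in text.split("&"):
        value = pair.partition("=")[2] or pair
        if ".." in value.split("/"):
            return True
    return False

def suspicious_requests(log_lines):
    """Return (client, target, status) for sendtemp.pl requests that attempt traversal."""
    hits = []
    for line in log_lines:
        m = REQUEST_RE.search(line)
        if not m:
            continue
        url = urlsplit(m.group(1))
        if url.path.rsplit("/", 1)[-1] == SCRIPT and is_traversal(url.query):
            hits.append((line.split(" ", 1)[0], m.group(1), int(m.group(2))))
    return hits

# Constructed sample log; the /cgi-bin/ path and "name" parameter are hypothetical.
SAMPLE_LOG = [
    '192.0.2.10 - - [13/Feb/2001:10:00:01 +0000] "GET /cgi-bin/sendtemp.pl?name=letter.html HTTP/1.0" 200 812',
    '192.0.2.44 - - [13/Feb/2001:10:02:17 +0000] "GET /cgi-bin/sendtemp.pl?name=../../outside.txt HTTP/1.0" 200 1290',
    '192.0.2.44 - - [13/Feb/2001:10:02:19 +0000] "GET /cgi-bin/sendtemp.pl?name=%252e%252e%252foutside.txt HTTP/1.0" 200 1290',
    '192.0.2.45 - - [13/Feb/2001:10:03:00 +0000] "GET /cgi-bin/sendtemp.pl?name=..%5c..%5coutside.txt HTTP/1.0" 404 210',
    '192.0.2.10 - - [13/Feb/2001:10:06:02 +0000] "GET /cgi-bin/sendtemp.pl?name=v1..2/letter.html HTTP/1.0" 200 812',
]

if __name__ == "__main__":
    for hit in suspicious_requests(SAMPLE_LOG):
        print(hit)
```

Hits that returned status 200 are the ones to triage first, since the request was served rather than rejected.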
References
References:
- Amaya Homepage (W3C)
- Apache in a chroot jail (Gerhard Mourani)
- Installing a template server for Amaya (W3C)