HTTP File Server Security Bypass and Denial of Service Vulnerabilities

Bugtraq ID:	39544
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Apr 19 2010 12:00AM
Updated:	Apr 19 2010 12:00AM
Credit:	Luigi Auriemma
Vulnerable:	HTTP File Server HTTP File Server 2.2e HTTP File Server HTTP File Server 2.2c HTTP File Server HTTP File Server 2.2b HTTP File Server HTTP File Server 2.2a HTTP File Server HTTP File Server 2.2
Not Vulnerable:	HTTP File Server HTTP File Server 2.2f

HTTP File Server Security Bypass and Denial of Service Vulnerabilities

HTTP File Server is prone to multiple vulnerabilities including a security-bypass issue and a denial-of-service issue.

Exploiting these issues will allow an attacker to download files from restricted directories within the context of the application or cause denial-of-service conditions.

HTTP File Server Security Bypass and Denial of Service Vulnerabilities

Attackers likely use a web browser to exploit these issues.

http://www.example.com/protected_folder/secret_file.txt%00
http://www.example.com/?search=%25%25

HTTP File Server Security Bypass and Denial of Service Vulnerabilities

Solution:
Reportedly the vendor has fixed the issue. Please see the references for more information.

HTTP File Server Security Bypass and Denial of Service Vulnerabilities

References:

• Http File Server Home Page (Http File Server)
  
• HTTP File Server Vulnerabilities (Luigi Auriemma)