AWS XMS 'what' Parameter Directory Traversal Vulnerability

| Bugtraq ID: | 58753 |
| Class: | Input Validation Error |
| CVE: | CVE-2013-2474 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 27 2013 12:00AM |
| Updated: | Sep 02 2013 12:10AM |
| Credit: | High-Tech Bridge Security Research Lab |
| Vulnerable: | |
| Not Vulnerable: | |
Discussion
AWS XMS is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input.
A remote attacker can use directory-traversal strings to read arbitrary files in the context of the affected application.
AWS XMS 2.5 is vulnerable; other versions may also be affected.
Exploit / POC
Attackers can exploit this issue through a browser.
The following example URIs are available:
http://www.example.com/importer.php?what=defaults.php%00.js
http://www.example.com/importer.php?what=defaults.php///////...//////.js
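Both example URIs above pass a check that only looks at whether the parameter ends in ".js": a NUL byte or a run of slashes and dots sits between the real file name and the suffix. The following Python is an added example (not code from AWS XMS or from the advisory) that contrasts that suffix-only check with a resolver that rejects both payloads; the sandbox directory, file names and the `js/` subdirectory are constructed for the demonstration.

```python
import os
import tempfile
from typing import Optional
from urllib.parse import urlsplit, parse_qs

# Constructed sandbox standing in for the application's document root: one
# legitimate .js file under js/, and a PHP file that must never be served.
ROOT = os.path.realpath(tempfile.mkdtemp(prefix="xms_demo_"))
SCRIPT_DIR = os.path.join(ROOT, "js")
os.makedirs(SCRIPT_DIR)
with open(os.path.join(SCRIPT_DIR, "defaults.js"), "w") as fh:
    fh.write("var defaults = {};\n")
with open(os.path.join(ROOT, "defaults.php"), "w") as fh:
    fh.write("<?php $db_password = 'secret'; ?>\n")


def what_param(uri: str) -> str:
    """Extract the URL-decoded 'what' query parameter from a request URI."""
    return parse_qs(urlsplit(uri).query).get("what", [""])[0]


def naive_is_js(what: str) -> bool:
    """Suffix-only check: accepts both advisory payloads, because a NUL byte
    or a run of slashes and dots separates the real name from '.js'."""
    return what.endswith(".js")


def resolve_script(what: str) -> Optional[str]:
    """Hardened resolver: the on-disk path of an allowed script, else None."""
    if "\x00" in what:                         # NUL is never a legitimate file-name byte
        return None
    if "/" in what or "\\" in what or what in ("", ".", ".."):
        return None                            # bare file names only: no separators, no traversal
    if not what.endswith(".js"):               # extension of the requested name itself
        return None
    full = os.path.realpath(os.path.join(SCRIPT_DIR, what))
    if os.path.commonpath([full, SCRIPT_DIR]) != SCRIPT_DIR:
        return None                            # defence in depth: must stay under SCRIPT_DIR
    if not os.path.isfile(full):
        return None
    return full


ADVISORY_URIS = [  # the two example URIs from the advisory
    "http://www.example.com/importer.php?what=defaults.php%00.js",
    "http://www.example.com/importer.php?what=defaults.php///////...//////.js",
]
```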
Solution / Fix
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References