Previous articleBack to news listNext article
|
Sponsored links |
Want to become one of our authors and see your work published on ALLSeek.iNFO ?
|
| CProxy Input Validation Hole Discloses Files to Remote Users and Lets Remote Users Crash the Service |
|---|
Categorie: Vulnerability
Posted: 2005-03-05 by ReCall
Views: 547
Source: Click here
| Current Rating: Not rated
|
|
| Details |
|---|
Description: Several vulnerabilities were reported in CProxy. A remote user can view files on the target system. A remote user can cause the service to crash.
The server does not properly validate user-supplied input. A remote user can submit a specially crafted URL containing '../' directory traversal characters to view arbitrary files on the target system. A demonstration exploit HTTP GET request is of the following format:
GET http://<path-to-target-directory>/<filename> HTTP/1.0<CRLF><CRLF>
A demonstratoin exploit request is provided:
GET http://../../../../../winnt/system32/drivers/etc/hosts HTTP/1.0
HTTP POST and HEAD requests can also be used.
A remote user can submit an HTTP GET request type to retrieve an ASCII file or any HTTP request type to retrieve an executable file to cause the CProxy service to crash. A demonstration exploit request is provided:
GET http://../../../../../winnt/system32/drivers/etc/hosts HTTP/1.0
GET http://../../../../../winnt/system32/cmd.exe
POST http://../../../../../winnt/system32/cmd.exe
The vendor was notified on February 19, 2005, without response.
Kristof Philipsen of Ubizen reported this vulnerability.
Impact: A remote user can view files on the target system.
A remote user can cause the service to crash.
Solution: No solution was available at the time of this entry.
|
| Syndication |
|---|
Permalink Email this
The URI to TrackBack this entry is:
http://allseek.info/news/trackback.php?id=1411
|
| User comments (post your comments ) |
|---|
Only registerd members can post comments and articles
|
|
Previous articleBack to news listNext article
|
