From: Franc Ruiz Arenas (camaleon__500hotmail.com)
Date: Wed Jan 09 2002 - 17:15:04 CST


    Dino's WebServer, File Traversal Vulnerability

    Date: January 8, 2002
    Author: CaMaLeOn
    Affected: Dino's WebServer
    Tested by: CaMaLeOn, DraZiw, WiZaRd
    Versions Tested: 1.x
    Vendor Status: Notified
    Platforms: win9x, win2000, WinNT

    Dino's Webserver is a small and very simple to use web server that is
    intended to allow you to set up a quick and basic web server to serve
    a home page from your local computer. It includes a log function as well
    as a simple web hit counter with different design styles to choose
    from. All it requires is the IP address of your machine (which it
    automatically detects), the web directory and port to use. The program
    is intended for casual home usage only.


    A vulnerability has been discovered in Dino's WebServer which may allow
    a remote attacker to view the contents of arbitrary files.

    Dino's WebServer does not adequately filter '../' sequences from web
    requests, e.g.:
    win9x=
    www.hostvulnerable.com/../windows/admin.pwl
    winnt=
    www.hostvulnerable.com/../winnt/system32/cmd.exe?/c+dir+c:\ (not tested)
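    The defect described above is a missing check, not a missing feature: the server
    must refuse any request whose path, after decoding and normalisation, climbs
    above the configured web directory. The following is an added example of such a
    check, written for this page and not taken from Dino's WebServer or the original
    advisory. It assumes a document root of /srv/www (a constructed value) and works on
    the request path purely logically, so it runs the same on any platform; it rejects
    rather than silently collapses a '..' that would leave the root, so that a
    rejection can be logged as an attempted traversal. It also goes slightly beyond the
    advisory by treating backslashes as separators (as Windows file APIs do) and by
    decoding percent-encoded and double-encoded dot segments, which are the common
    ways a bare '../' filter is bypassed.

```python
import posixpath
from urllib.parse import unquote

# Assumed document root for this example (constructed; not from the advisory).
WEB_ROOT = "/srv/www"


def resolve_request_path(web_root: str, request_target: str):
    """Map an HTTP request-target onto a file under web_root.

    Returns the resolved path, or None when the request must be refused
    because it tries to escape the document root or contains a NUL byte.
    """
    # 1. Drop the query string; only the path selects a file.
    path = request_target.split("?", 1)[0]

    # 2. Percent-decode. Decode a second time if '%' survives the first pass,
    #    so that double-encoded sequences such as %252e%252e are seen as '..'.
    path = unquote(path)
    if "%" in path:
        path = unquote(path)

    # 3. Windows file APIs accept '\' as a separator, so normalise it to '/'.
    path = path.replace("\\", "/")

    # 4. An embedded NUL can truncate the path in a C-level file API.
    if "\x00" in path:
        return None

    # 5. Walk the segments with an explicit stack. A '..' that would pop an
    #    empty stack is an attempt to climb above the root: reject it instead
    #    of quietly clamping to '/', so the event is visible to logging.
    parts = []
    for segment in path.split("/"):
        if segment in ("", "."):
            continue
        if segment == "..":
            if not parts:
                return None
            parts.pop()
            continue
        parts.append(segment)

    relative = "/".join(parts)
    full = posixpath.join(web_root, relative) if relative else web_root

    # 6. Defence in depth: confirm the final string really lies under the root.
    root_prefix = web_root.rstrip("/") + "/"
    if not (full == web_root or full.startswith(root_prefix)):
        return None
    return full


def is_traversal_attempt(request_target: str, web_root: str = WEB_ROOT) -> bool:
    """Detection helper: True when the request would be refused by the check."""
    return resolve_request_path(web_root, request_target) is None


if __name__ == "__main__":
    # Constructed sample request-targets, including the two forms from the advisory.
    samples = [
        "/index.html",
        "/docs/../index.html",
        "/../windows/admin.pwl",
        "/../winnt/system32/cmd.exe?/c+dir+c:\\",
        "/..%2f..%2fwinnt/win.ini",
        "/%252e%252e/secret.txt",
        "\\..\\windows\\admin.pwl",
    ]
    for target in samples:
        print(f"{target!r:45} -> {resolve_request_path(WEB_ROOT, target)}")
```

    This logical check should be paired, on a real server, with a filesystem-level
    canonicalisation of the opened file (for example os.path.realpath) so that
    symbolic links inside the web directory cannot point outside it; the segment
    walk above only reasons about the request string.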

    by CaMaLeOn