|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Directory Traversal in TorrentFlux 2.1
From: Christopher (vooduhal
gmail.com)
Date: Thu Oct 26 2006 - 12:16:56 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Dorkfire.com Security Advisory
Discovered By: vooduhalgmail.com
Type of problem: Directory Traversal
Software: TorrentFlux 2.1
Software Description: TorrentFlux is a FREE PHP based Torrent client
that runs on a web server. Manage all of your Torrent downloads
through a convenient web interface from anywhere.
Problem description:
The dir.php script doesn't properly sanitize path passed via the "dir"
GET variable and also doesn't confirm where it's currently creating a
directory list for.
Example:
http://target/torrentfluxroot/dir.php?dir=\.\./\.\./\.\./etc/
will produce a directory list of /etc/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]