OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Tamer Sahin (ts_at_securityoffice.net)
Date: Thu Oct 24 2002 - 13:50:10 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: MD5

    - --[ BRS WebWeaver Web Server v1.01 Protected File Access Vulnerability ]--

    - --[ Type

    File Disclosure

    - --[ Release Date

    October 24, 2002

    - --[ Product / Vendor

    BRS WebWeaver is a small, fast HTTP and FTP Server for Win9x/WinNT. I've done a
    little testing and it is able to sustain over 750 connection per second using only 4MB
    of memory

    Web Server with the following features:

    - - HTTP/1.0 compliant Web Server
    - - Built in FTP Server
    - - Basic ISAPI support (Microsoft Internet Server API)
    - - CGI/1.1 support
    - - Multi-threaded
    - - Basic user authentication
    - - IP address based security
    - - URL based security (Realms)
    - - Alias support
    - - SSI Support (Server Side Includes)
    - - Remote Administration (Partially Implemented)
    - - FREE!

    http://www.bsoutham.org

    - --[ Summary

    It is possible to construct a web request which is capable of accessing the contents
    of password protected files/folders on the BRS WebWeaver Web Server v1.01. This
    vulnerability may only be exploited to access password-protected files in sub-folders
    of wwwroot.

    http://host/./secret/

    - --[ Tested

    Windows 2000 Sp3 / BRS WebWeaver Web Server v1.01
    Windows 98 SE / BRS WebWeaver Web Server v1.01

    - --[ Vulnerable

    BRS WebWeaver Web Server v1.01

    - --[ Disclaimer

    http://www.securityoffice.net is not responsible for the misuse or illegal use of
    any of the information and/or the software listed on this security advisory.

    - --[ Author

    Tamer Sahin
    tssecurityoffice.net
    http://www.securityoffice.net

    All our advisories can be viewed at http://www.securityoffice.net/articles/

    Please send suggestions, updates, and comments to feedbacksecurityoffice.net

    (c) 2002 SecurityOffice

    This Security Advisory may be reproduced and distributed, provided that this Security
    Advisory is not modified in any way and is attributed to SecurityOffice and provided
    that such reproduction and distribution is performed for non-commercial purposes.

    Tamer Sahin
    http://www.securityoffice.net

    -----BEGIN PGP SIGNATURE-----
    Version: 2.6

    iQEVAwUAPbhA5PpL5ibJRTtBAQG0Iwf+OZfrWz9p+MCg0UqsdzGK7sN1IJvUopjJ
    czztl7D5h9VVl8+gBRiMFMtLPK/wz15PPCWwneqORA6+jgXuroBTMcQvLv8q2aDH
    CTP2lgBPW1i1AIwPw1zy5Alb773gho6rL7D/jeTSPDJDIJPutjKX64PuMEtTWpEx
    Uxn5bz+21ZIGyPiLt13TKo850Jl29ToURtKSM2uCmBPlYCNCULpA9pthR7WliSHH
    xzQVF3r3yEmMgmjvuSJouMi7LrpT+fWYcYY5brjJahot+qH8R45EeJZq9FoMuWkG
    OvJrYcZrLRConqjvKlErLvzZmET3DBg/OJVuAOL+hvZrYdXDyNGDMg==
    =mrVU
    -----END PGP SIGNATURE-----