Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: Steve (steveSECURESOLUTIONS.ORG)
Date: Fri Jan 19 2001 - 20:58:35 CST
From: SNS Research [mailto:vuln-devgreyhack.com]
Sent: Friday, January 19, 2001 1:42 PM
Subject: LocalWEB2000 Directory Traversal Vulnerability
Strumpf Noir Society Advisories
! Public release !
-= LocalWEB2000 Directory Traversal Vulnerability =-
Release date: Friday, January 19, 2001
LocalWEB2000 is a HTTP server for the MS Windows suite of operating
systems. It's intended for use as an intranet server by small to
medium size companies.
LocalWEB2000 is availble from http://www.intranet-server.co.uk
Adding the string "../" to an URL allows an attacker access to files
outside of the webserver's publishing directory. This allows read
access to any file on the server.
http://localhost:80/../../../autoexec.bat reads the file
"autoexec.bat" from the partition's root dir (using default install).
Vendor has been notified, the problem will be fixed in a future
release. This was tested against LocalWEB2000 v1.1.0.
SNS Research is rfpolicy (http://www.wiretrip.net/rfp/policy.html)
compliant, all information is provided on AS IS basis.
EOF, but Strumpf Noir Society will return!
** TO UNSUBSCRIBE, send the command "UNSUBSCRIBE win2ksecadvice"
** FOR A WEEKLY DIGEST, send the command "SET win2ksecadvice DIGEST"
SEND ALL COMMANDS TO: listservlistserv.ntsecurity.net