Bugtraq mailing list archives
Eserv 2.50 Web interface Server Directory Traversal Vulnerability
From: labs () USSRBACK COM (Ussr Labs)
Date: Thu, 4 Nov 1999 21:17:12 -0300
Eserv 2.50 Web interface Server Directory Traversal Vulnerability

Product:

Eserv/2.50 is the complete solution to access Internet from LAN:

- Mail Server (SMTP and POP3, with ability to share one mailbox on the ISP, aliases and mail routing support)
- News Server (NNTP)
- Web Server (with CGI, virtual hosts, virtual directory support, web-interface for all servers in the package)
- FTP Server (with virtual directory support)
- Proxy Servers
  * FTP proxy and HTTP caching proxy
  * FTP gate
  * HTTPS proxy
  * Socks5, Socks4 and 4a proxy
  * TCP and UDP port mapping
  * DNS proxy
- Finger Server
- Built-in scheduler and dialer (dial on demand, dialer server for external agents, scheduler for any tasks)

PROBLEM

UssrLabs found an Eserv Web Server Directory Traversal Vulnerability.

Using the string '../' in a URL, an attacker can gain read access to any file outside of the intended web-published filesystem directory.

There is not much to expand on this one....

Example:

http://127.1:3128/../../../conf/Eserv.ini

to show the whole configuration file, including account names.

Vendor Status: not contacted
Vendor Url: http://www.eserv.ru/
Program Url: http://www.eserv.ru/eserv/
Credit: USSRLABS

SOLUTION

Nothing yet.
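A defender's illustration of the flaw described in the post above, added here and not part of the original message or of Eserv's code: the naive "document root plus request path" mapping that lets '../' climb out of the web root, next to a hardened mapping that resolves '..' segment by segment before any file is opened, and a check over constructed access-log lines. The document root and the log format are assumptions.

```python
from urllib.parse import unquote
import posixpath

# Constructed document root; the post does not name Eserv's web root (assumption).
DOCROOT = "/srv/www"

def naive_map(docroot, url_path):
    """Vulnerable mapping: the request path is appended to the document root
    as-is, so every '../' segment walks one directory above the web root."""
    return docroot + url_path

def escapes_root(docroot, fs_path):
    """True if a mapped path, once '.' and '..' are collapsed, lies outside docroot."""
    base = docroot.rstrip("/")
    resolved = posixpath.normpath(fs_path)
    return resolved != base and not resolved.startswith(base + "/")

def safe_map(docroot, url_path):
    """Hardened mapping: percent-decode once, treat '\\' like '/' (the product
    runs on Windows), resolve '.' and '..' segment by segment, and refuse the
    request as soon as a '..' would climb above the root. Returns None on refusal."""
    stack = []
    for seg in unquote(url_path).replace("\\", "/").split("/"):
        if seg in ("", "."):
            continue
        if seg == "..":
            if not stack:
                return None  # would leave the document root
            stack.pop()
            continue
        stack.append(seg)
    return docroot.rstrip("/") + "/" + "/".join(stack)

# Constructed sample access-log lines (client, method, path); not real Eserv logs.
SAMPLE_LOG = [
    "10.0.0.5 GET /index.html",
    "10.0.0.7 GET /../../../conf/Eserv.ini",
    "10.0.0.9 GET /docs/../index.html",
    "10.0.0.7 GET /%2e%2e/%2e%2e/conf/Eserv.ini",
]

def flag_traversal(log_lines, docroot=DOCROOT):
    """Return the lines whose request path the hardened mapping would refuse."""
    return [line for line in log_lines
            if safe_map(docroot, line.split(" ", 2)[2]) is None]

if __name__ == "__main__":
    for line in flag_traversal(SAMPLE_LOG):
        print("traversal attempt:", line)
```

The third log line stays inside the root after normalisation and is not flagged; only requests that would climb above the root are reported.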
Current thread:
- Eserv 2.50 Web interface Server Directory Traversal Vulnerability Ussr Labs (Nov 04)
- <Possible follow-ups>
- Re: Eserv 2.50 Web interface Server Directory Traversal Vulnerability Andrey Cherezov (Nov 08)