Full Disclosure mailing list archives
directory traversal in ParaChat Server 5.5
From: "Donato Ferrante" <fdonato () autistici org>
Date: Tue, 28 Sep 2004 21:12:23 -0000
Donato Ferrante

Application: ParaChat Server
             http://www.parachat.com/
Version:     5.5
Bug:         directory traversal
Date:        28-Sep-2004
Author:      Donato Ferrante
e-mail:      fdonato () autistici org
web:         www.autistici.org/fdonato

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

1. Description
2. The bug
3. The code
4. The fix

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

----------------
1. Description:
----------------

Vendor's Description:

"ParaChat Server v5.5 is a fast, easy and affordable way to host and
manage your own real-time communication software - for one web site, or
for multiple web sites."

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

------------
2. The bug:
------------

The server is not able to handle the sequence "..%5C/", which is equal
to "..\/"; this lets an attacker navigate through the victim system
simply by using a web browser.

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

-------------
3. The code:
-------------

To test the vulnerability:

http://[host]:7877/..%5C/..%5C/

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

------------
4. The fix:
------------

Vendor was contacted. Bug will be fixed in the next version.

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
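The root cause described in section 2 is a path check that runs before the request is canonicalized, so "..%5C/" never looks like "../" to it. The Python below is an added example, not code from the advisory or from ParaChat: it contrasts a literal "../" check with a guard that percent-decodes, folds backslashes into slashes and walks the segments before deciding. The function names are assumptions.

```python
from urllib.parse import unquote


def naive_blocks_traversal(raw_path: str) -> bool:
    """The insufficient style of check: it only looks for the literal
    "../" in the raw request path, so "..%5C/" passes straight through."""
    return "../" not in raw_path


def resolve_request_path(raw_path: str):
    """Canonicalize a request path and return it relative to the document
    root, or None if any segment would climb above the root.

    Decoding happens BEFORE the traversal check, and backslashes are
    treated as separators because a Windows file API accepts them."""
    decoded = unquote(raw_path)
    # Second pass is a deliberately conservative choice for a guard:
    # "..%255C" survives one pass as "..%5C" and would otherwise slip by.
    decoded = unquote(decoded)
    unified = decoded.replace("\\", "/")

    kept = []
    for segment in unified.split("/"):
        if segment in ("", "."):
            continue            # empty and "." segments change nothing
        if segment == "..":
            if not kept:
                return None     # would escape the document root: reject
            kept.pop()
            continue
        kept.append(segment)
    return "/" + "/".join(kept)


if __name__ == "__main__":
    # Constructed sample requests; "/..%5C/..%5C/" is the advisory's form.
    for req in ("/..%5C/..%5C/", "/chat/..%5C/index.html", "/..%255C/x"):
        print(req, naive_blocks_traversal(req), resolve_request_path(req))
```

Only a path that `resolve_request_path` returns should ever be joined to the document root; a None result is a request to log and refuse.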