[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SD Server 4.0.70 Directory Traversal Bug

To: <bugtraq@xxxxxxxxxxxxxxxxx>
Subject: SD Server 4.0.70 Directory Traversal Bug
From: "CorryL" <corryl@xxxxxxxxxxxxx>
Date: Tue, 22 Feb 2005 19:40:31 +0100

..:x0n3-h4ck Italian Security Team:..

/*Advisories*\

*/

Application: SD Server

Url Vendor: http://www.gdsoftware.dk/

Version: <= 4.0.70

Platforms: Windows

Bug: Directory Traversal

Exploitation: Remote

Author: CorryL

Email Author: corryl80@xxxxxxxxx

Url Author: www.x0n3-h4ck.org

*\

{Description}

The SD Server is a easy http server, A remote user can obtain files on the
system that are located outside of
the web document directory.


{Bug}

http://victimhost/../../../windows/repair/sam

A remote user succeeds to read the file sam of the system where to be in
execution SD Server.

{Vendor Status}

20/02/2005 Vendor notification

20/02/2005 Vendor response

21/02/2005 Vendor Fix the Bug

{Fix}

In version 4.0.0.72

http://www.gdsoftware.dk/dl_file.asp?link=SDServer 4.0.0.72.zip

CorryL
corryl80@xxxxxxxxx
www.x0n3-h4ck.org
Italian Security Team

_________________________________
www.seekstat.it is your web stat

Prev by Date: Re: Avaya IP Office Phone Manager - Sensitive Information Cleartext Vulnerability
Next by Date: [NOBYTES.COM: #5] iGeneric eShop 1.2 - Information Disclosure & Possible SQL Injection
Previous by thread: iDEFENSE Security Advisory 02.22.05: phpBB Group phpBB Arbitrary File Disclosure Vulnerability
Next by thread: [NOBYTES.COM: #5] iGeneric eShop 1.2 - Information Disclosure & Possible SQL Injection
Index(es):
- Date
- Thread