A directory traversal vulnerability has been discovered in Enceladus web server beta 4.0.2. It can be trivially exploited by simply tying ../ as part of the URL to view directories or files outside of the webroot.
45baa81b8ebd39cec7e815c9ada004401417b35fbd5e6ea2b893461d52a7ed5b++++++++++++ Enceladus web server Beta 4.0.2 Multiple vulnerabilities +++++++++++++++++
Release date:
June 22, 2004
Severity:
Medium
Vendor:
http://www.mollensoft.com
Systems Affected:
Microsoft Windows NT 4.0 (all versions)
Microsoft Windows 2000 (SP3 and earlier)
Microsoft Windows XP (all versions)
Microsoft Windows 9x
Services affected:
Http service
Description of the product:
Enceladus Server Suite is an Intranet lightweight Web Server for Windows, provides file sharing
on any network! Perfect for Home Network Use, Small business and Personal Intranet Use. You don't
have to be an expert to setup file sharing or run your own web site Server!! This Server Suite is
One of the Easiest To Install and Operate!
Vulnerabilities:
1. Directory Listing
2. Directory Traversal
Technical Description:
1. The first vulnerability is a simple directory listing condition. By supplying "%2f" or "../" or "%5c"
it is possible for any user to list files outside the WWW root.
2. Moreover the first vulnerability can be used to read any file outsite the WWW root.
for example: http://[host]/../../windows/win.ini
Workaround:
Use another product.
Pr00f of concept code:
sorry, nothing at the moment but some pr00f of concept exploit may emerge soon.
Credit:
Dr_insane
Http://members.lycos.co.uk/r34ct/
Feedback
Please send your comments to: dr_insane@pathfinder.gr
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed