Archive : 1999 : november : mailgear - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Symantec Mail-Gear 1.0 Web interface Server Directory Traversal Vulnerability




=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-


    Date: Пн, 29 ноя 1999  19:00:36

   От: Ussr Labs <labs@USSRBACK.COM>

 Кому: BUGTRAQ@SECURITYFOCUS.COM

 Тема: Symantec Mail-Gear 1.0 Web interface Server Directory Traversal Vulnerability

--------------------------------------------------------------------------------




Symantec Mail-Gear 1.0 Web interface Server Directory Traversal

Vulnerability





PROBLEM



UssrLabs found a Symantec Mail-Gear 1.0  Web interface Server Directory

Traversal Vulnerability

Using the string '../' in a URL, an attacker can gain read access to

any file outside of the intended web-published filesystem directory



There is not much to expand on this one....



Example:



http://ServerIp:8003/Display?what=../../../../../autoexec.bat      to show

autoexec.bat





Vendor Status:

Contacted



Vendor   Url: http://www.symantec.com/urlabs/public/index.html

Program Url: http://www.symantec.com/urlabs/public/download/download.html



Credit: USSRLABS



SOLUTION

 Upgrade to Symantec Mail-Gear 1.1



u n d e r g r o u n d  s e c u r i t y  s y s t e m s  r e s e a r c h

http://www.ussrback.com

test server