Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:12706
HistoryMay 17, 2006 - 12:00 a.m.

Caucho Resin Windows Directory Traversal Vulnerability

2006-05-1700:00:00
vulners.com
8
JSON
                    Rapid7 Security Advisory
        Visit http://www.rapid7.com/ to download NeXpose,
    SC Magazine Winner of Best Vulnerability Management product.

Rapid7 Advisory R7-0024
Caucho Resin Windows Directory Traversal Vulnerability

Published: May 16, 2006
Revision: 1.0
http://www.rapid7.com/advisories/R7-0024.html

CVE: CVE-2006-1953

  1. Affected system(s):

    KNOWN VULNERABLE:
    o Caucho Resin v3.0.18 for Windows
    o Caucho Resin v3.0.17 for Windows

    NOT VULNERABLE:
    o Caucho Resin v3.0.19
    o Caucho Resin v3.0.16 and earlier

  2. Summary

    The Caucho Resin web application server for Windows contains a
    directory traversal vulnerability that allows remote
    unauthenticated users to download any file from the system. It is
    possible to download files from any drive on the system.

    Rapid7 have updated NeXpose to check for this vulnerability. Licensed
    customers will receive the new vulnerability checks automatically.
    Visit http://www.rapid7.com to register for a free demo of NeXpose.

  3. Vendor status and information

    Caucho Technology, Inc.
    http://www.caucho.com/

    Caucho was notified of this vulnerability on April 20th, 2006.
    They fixed this vulnerability in the latest unofficial snapshot
    of Resin 3.0.19, available from Caucho's website.

  4. Solution

    Upgrade to the latest snapshot version of Resin, version 3.0.19.

  5. Detailed analysis

    Caucho Resin is a servlet and JSP server. Resin ships with its own
    standalone web server which runs by default on port 8080. Any remote
    user can request URLs of the form:

    http://victim:8080/C:%5C/

    to access the root of the C: drive (and any files below it). Any
    drive letter can be specified. Only Resin on Windows is vulnerable.

    This vulnerability appears to have been introduced in Resin
    version 3.0.17, although this has not been confirmed by the vendor.

  6. Contact Information

    Rapid7 Security Advisories
    Email: [email protected]
    Web: http://www.rapid7.com/
    Phone: +1 (617) 603-0700

  7. Disclaimer and Copyright

    Rapid7, LLC is not responsible for the misuse of the information
    provided in our security advisories. These advisories are a service
    to the professional security community. There are NO WARRANTIES
    with regard to this information. Any application or distribution of
    this information constitutes acceptance AS IS, at the user's own
    risk. This information is subject to change without notice.

    This advisory Copyright (C) 2006 Rapid7, LLC. Permission is
    hereby granted to redistribute this advisory, providing that no
    changes are made and that the copyright notices and disclaimers
    remain intact.

Related

prion 1
packetstorm 1
cve 1
nessus 1
prion
prion
Directory traversal
2006-05-17 10:06:00
packetstorm
packetstorm
Rapid7 Security Advisory 24
2006-05-22 00:00:00
cve
cve
CVE-2006-1953
2006-05-17 10:06:00
nessus
nessus
Resin for Windows Encoded URI Traversal Arbitrary File Access
2006-05-27 00:00:00
JSON
Related for SECURITYVULNS:DOC:12706
prion1packetstorm1cve1nessus1