Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:30712
HistoryMay 10, 2014 - 12:00 a.m.

Directory Traversal Vulnerability in VMTurbo Operations Manager 4.5 or earlier

2014-05-1000:00:00
vulners.com
18
JSON

Product: VM Turbo Operations Manager
Vendor: VM Turbo
Vulnerable Version(s): 4.5.x earlier
Tested Version: 4.0
Advisory Publication: April 11, 2014
Vendor Notification: April 11, 2014
Public Disclosure: May 8, 2014
Vulnerability Type: Directory Traversal

Discovered and Provided: (Jamal Pecou) Security Focus ( https://www.securityfocus.com/ )

Advisory Details:

A vulnerability affecting “/cgi-bin/help/doIt.cgi" in VM Turbo Operations Manager allows directory traversal when the URL encoded POST input “xml_path” was set to “…/…/…/…/…/…/…/…/…/…/etc/passwd” we could see the contents of this file.

The following exploitation example displays the contents of /etc/passwd

http://[host]/cgi-bin/help/doIt.cgi?FUNC=load_xml_file&xml_path=…/…/…/…/…/…/…/…/…/…/etc/passwd

Solution:

The vendor has released a fix for this vulnerability in version 4.6.

References:

[1] https://support.vmturbo.com/hc/en-us/articles/203170127-VMTurbo-Operations-Manager-v4-6-Announcement

JSON