| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: mbassett at omaha.com (Bassett, Mark) Subject: Directory Traversal in Accipiter Direct Server 6.0 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ~ Severity: High ~ Title: Accipiter Direct Server ~ Date: January 09, 2004 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== A security vulnerability has been found in Accipiter Direct Server 6 that allows retrieval of arbitrary files. Background ========== Accipiter Direct Server is responsible for advertisement handling for badge and banner ads as well as advertisement tracking. The Direct server acts as an http server listening for specially formed requests. It is a proprietary system and cannot be disabled. Description =========== Arbitrary files can be viewed by using the exploit detailed in CVE-2000-1075 Attacker traverses the http server and retrieves arbitrary files by sending specially formed requests through a web browser. http://accipiterserver/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cboot.ini Workaround ========== Vendor will be providing a patch with the next major release. Until then you may run your accipiter direct server as an unprivileged user restricted to the webroot. Mark Bassett Network Administrator World media company Omaha.com 402-898-2079
Powered by blists - more mailing lists