lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <200310191916.h9JJGTS24217@pop3now.com>
From: sintraq at sintelli.com (Sintelli SINTRAQ)
Subject: ByteHoard Directory Traversal Vulnerability

ByteHoard Directory Traversal Vulnerability
17 October 2003 

Original Advisory
http://www.sintelli.com/adv/sa-2003-03-bytehoard.pdf

Background
ByteHoard is online storage system whereby users can upload and download 
their files from anywhere with an Internet connection.

More information about the product is available here: 
http://bytehoard.sourceforge.net/index.php?about

Description
ByteHoard does not properly validate user-supplied input for URL 
requests.  This allows directory traversal characters to be added to URL 
request and thus allows directory traversal.

An example is:
http://victim.com/bytehoard/index.php?infolder=../../../../

Impact
It is possible for an attacker to view all files on the system.

Versions affected
Version 0.7

Solution
Upgrade to version 0.71

Tar version
http://prdownloads.sourceforge.net/bytehoard/bytehoard_point_seven_one.tar
gz?download

Zip version
http://prdownloads.sourceforge.net/bytehoard/bytehoard_point_seven_one.zip
?download


Vulnerability History
16 Oct 2003	Identified by Ezhilan of Sintelli
17 Oct 2003	Issue disclosed to ByteHoard developer (Andrew Godwin)
17 Oct 2003	Vulnerability confirmed by Andrew Godwin
17 Oct 2003 	Sintelli provided with fix
17 Oct 2003	Sintelli confirms vulnerability has been addressed
17 Oct 2003	Fix publicly available
17 Oct 2003	Sintelli Public Disclosure

Credit
Ezhilan of Sintelli discovered this vulnerability.

About Sintelli:
Sintelli is the world’s largest provider of security intelligence 
solutions.  Sintelli is the definitive source for IT Security 
intelligence and is a provider of third generation intelligence security 
solutions.  

Request a free trial of our alerting solution by clicking here 
http://www.sintelli.com/free-trial.htm

Copyright 2003 Sintelli Limited.  All rights reserved. www.sintelli.com 




Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ