[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <00d801c39777$e7db30b0$5746370a@nsp.co.nz>
From: venom at gen-x.co.nz (VeNoMouS)
Subject: ByteHoard Directory Traversal Vulnerability
all files or just the contents of a folder?
----- Original Message -----
From: "Sintelli SINTRAQ" <sintraq@...telli.com>
To: <full-disclosure@...ts.netsys.com>; <bugtraq@...urityfocus.com>
Sent: Monday, October 20, 2003 8:16 AM
Subject: [Full-Disclosure] ByteHoard Directory Traversal Vulnerability
> ByteHoard Directory Traversal Vulnerability
> 17 October 2003
>
> Original Advisory
> http://www.sintelli.com/adv/sa-2003-03-bytehoard.pdf
>
> Background
> ByteHoard is online storage system whereby users can upload and download
> their files from anywhere with an Internet connection.
>
> More information about the product is available here:
> http://bytehoard.sourceforge.net/index.php?about
>
> Description
> ByteHoard does not properly validate user-supplied input for URL
> requests. This allows directory traversal characters to be added to URL
> request and thus allows directory traversal.
>
> An example is:
> http://victim.com/bytehoard/index.php?infolder=../../../../
>
> Impact
> It is possible for an attacker to view all files on the system.
>
> Versions affected
> Version 0.7
>
> Solution
> Upgrade to version 0.71
>
> Tar version
> http://prdownloads.sourceforge.net/bytehoard/bytehoard_point_seven_one.tar
> gz?download
>
> Zip version
> http://prdownloads.sourceforge.net/bytehoard/bytehoard_point_seven_one.zip
> ?download
>
>
> Vulnerability History
> 16 Oct 2003 Identified by Ezhilan of Sintelli
> 17 Oct 2003 Issue disclosed to ByteHoard developer (Andrew Godwin)
> 17 Oct 2003 Vulnerability confirmed by Andrew Godwin
> 17 Oct 2003 Sintelli provided with fix
> 17 Oct 2003 Sintelli confirms vulnerability has been addressed
> 17 Oct 2003 Fix publicly available
> 17 Oct 2003 Sintelli Public Disclosure
>
> Credit
> Ezhilan of Sintelli discovered this vulnerability.
>
> About Sintelli:
> Sintelli is the world's largest provider of security intelligence
> solutions. Sintelli is the definitive source for IT Security
> intelligence and is a provider of third generation intelligence security
> solutions.
>
> Request a free trial of our alerting solution by clicking here
> http://www.sintelli.com/free-trial.htm
>
> Copyright 2003 Sintelli Limited. All rights reserved. www.sintelli.com
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
Powered by blists - more mailing lists