View Full Version : Vulnerability in WebCollection Plus (TM)



15/01/03, 22:49
These vulnerabilities were found / tested on:

WebCollection Plus (TM)
Copyright 2001 Follett Software Company
Version 5.00
Revision 12-01-A Dec 19 2001

The program protects against reading other non-webserver-accessible files by
checking for a : or excessive .'s in a string. If the URL has a / at the
beginning, it has the effect of reading from C:\. For example, to read
C:\bootlog.txt the URL to use is something like
http://vulnerableserver/wx/s.dll?d=/bootlog.txt

Found the latest version revision is 5.05, but could not find a 5.05
copy to test on.

The manufacturer of the program was contacted by phone, and the vulnerability was
reported to them. Follett Software has not replied concerning it not being
submitted to bugtraq, so I have to assume they do not care.

f0urtyfive
www.ceteranet.com
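The filter weakness described in the post, reconstructed as an added example (not code from the product or the poster): a blacklist that only rejects a drive colon and dot runs lets a rooted path such as `/bootlog.txt` through, whereas resolving the candidate path with Windows semantics and requiring it to stay under the document root refuses it. The document root `C:\inetpub\wwwroot\wx` is a hypothetical value chosen for the example.

```python
import ntpath
from typing import Optional

# Hypothetical document root for the example; the product's real path is not on the page.
WEBROOT = r"C:\inetpub\wwwroot\wx"


def weak_is_safe(requested: str) -> bool:
    """Approximation of the filter the post describes: reject a drive colon and
    runs of dots. A leading slash is not rejected, so "/bootlog.txt" passes and
    is resolved from the root of the drive instead of the web root."""
    return ":" not in requested and ".." not in requested


def hardened_resolve(requested: str, webroot: str = WEBROOT) -> Optional[str]:
    """Return the full path under webroot, or None if the request must be refused.

    Instead of blacklisting characters, build the candidate path, normalise it
    with Windows path semantics (ntpath behaves the same on any OS) and require
    that the result is still strictly inside the document root."""
    # A rooted path, UNC prefix or drive letter would replace the web root on join.
    if requested.startswith(("/", "\\")) or ntpath.splitdrive(requested)[0]:
        return None
    root = ntpath.normpath(webroot)
    full = ntpath.normpath(ntpath.join(root, requested))  # also collapses ".."
    # NTFS is case-insensitive, so compare in one case; insist on a separator boundary
    # so that a sibling directory such as "wx2" does not count as inside "wx".
    if not full.lower().startswith(root.lower() + "\\"):
        return None
    return full


if __name__ == "__main__":
    for req in ("catalog/index.htm", "/bootlog.txt", r"..\..\..\bootlog.txt", r"C:\bootlog.txt"):
        print(f"{req!r:28} weak={weak_is_safe(req)!s:5} hardened={hardened_resolve(req)}")
```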