STG Security Advisory: [SSA-20031025-05] InfronTech WebTide 7.04 Directory

and File Disclosure Vulnerability



Revision 1.0

Date Published: 2003-10-25 (KST)

Last Update: 2003-10-25

Disclosed by SSR Team (advisory@stgsecurity.com)



Abstract

========

InfronTech's J2EE Web Application Server, WebTide, is a localized product of

PowerTier 7.0 developed by  Persistence Software. The WebTide has a

vulnerability disclosing directories and files on a web server through a

request.



Vulnerability Class

===================

Implementation Error: Inappropriate Implementation



Details

=======

Being implemented inappropriately, the WebTide has a vulnerability

disclosing directories and files on a web server through %3f.jsp request.



This vulnerability revives following reports on the same vulnerability of

other JSP engines without discrimination:



http://lists.insecure.org/lists/vuln-dev/2001/Nov/0339.html

http://www.securityfocus.com/advisories/3689





Impact

======

Directory and file disclosure



Solution

=========

Upgrade to WebTide 7.05 or later



Vulnerable Products

================

WebTide 7.04 and prior



Vendor Status: Notified

=======================

2003-10-13 Infrontech notified.

2003-10-15 Second attempt to contact the vendor.

2003-10-15 Vendor replied their new versions are not vulnerable.

2003-10-15 SSR Team tested and confirmed.

2003-10-23 Third attempt to contact the vendor.

2003-10-25 Public disclosure.



Credits

======

Jeremy Bae at STG Security



About STG Security

=================

STG Security Inc. is a affiliated company of STG Group which has its head

office in the States founded in march 2000. Its core business area is

professional penetration testing, security code review and BS7799 consulting

services.



http://www.stgsecurity.com/



Phone +82-2-6333-4500

FAX +82-2-6333-4545