
Web Server 4D/eCommerce directory traversal & DoS vulnerability
15th Jan 2002 [SBWID-4998]
COMMAND

	Web Server 4D/eCommerce directory traversal & DoS vulnerability

SYSTEMS AFFECTED

	Web Server 4D/eCommerce 3.5.3 (Windows & Macintosh)

PROBLEM

	From the Tamer Sahin [http://www.securityoffice.net] and Zillion
	[http://www.safemode.org] advisories:

	The server crashes after a very long URL is sent to it a few times:

	http://host/AAAAAAAAA...(Ax2500)...AAA

	It is also possible to gain access to a known file residing on the
	target host. This is achievable if a specially crafted URL, composed of
	double-dot "../" directory traversal sequences with Unicode character
	representations substituted for "/" and "\", is submitted to the host.

	Example:

	http://host/%2f..%2f..%2f../ws4d.log.txt

	This request displays the web server's log file.
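	The following request-path filter is an added example illustrating how a server-side check defends against both issues above; it is not code from Web Server 4D or from the advisory authors. It treats the substituted separators as the percent-encoded sequences they appear as in the URL (%2f, %5c), decodes repeatedly so a second encoding layer cannot hide them, refuses any ".." component, and rejects over-long paths before doing any further work. The document root, the 2048-byte limit and the sample requests in main() are constructed assumptions.

```python
"""Defensive request-path checks for the two issues in this advisory:
percent-encoded "../" traversal sequences and very long URLs.

Added example, not code from Web Server 4D or from the advisory authors.
The document root, the length limit and the sample requests in main()
are constructed assumptions.
"""
import posixpath
from urllib.parse import unquote

# Assumed limit; the advisory reports crashes with roughly 2500-byte paths,
# so a server should fail closed well before it buffers that much.
MAX_URL_LENGTH = 2048
MAX_DECODE_PASSES = 3  # bound on nested percent-encoding layers we tolerate


class RejectedRequest(Exception):
    """Raised when a request path fails a safety check."""


def safe_resolve(url_path: str, docroot: str = "/var/www/htdocs") -> str:
    """Map a raw URL path onto a file below docroot, or raise RejectedRequest.

    1. Refuse over-long paths before doing any decoding work (DoS guard).
    2. Percent-decode until the string is stable, so "%252f" cannot hide a
       separator behind a second encoding layer; give up after a few passes.
    3. Treat backslashes as separators (the Windows build is affected too).
    4. Reject any ".." component outright, then confirm the joined path
       still lies inside docroot as a second, independent check.
    """
    if len(url_path) > MAX_URL_LENGTH:
        raise RejectedRequest("URL too long")

    decoded = url_path
    for _ in range(MAX_DECODE_PASSES):
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    else:
        raise RejectedRequest("too many encoding layers")

    decoded = decoded.replace("\\", "/")
    if "\x00" in decoded:
        raise RejectedRequest("NUL byte in path")

    components = [c for c in decoded.split("/") if c not in ("", ".")]
    if ".." in components:
        raise RejectedRequest("directory traversal attempt")

    docroot = posixpath.normpath(docroot)
    prefix = docroot if docroot.endswith("/") else docroot + "/"
    resolved = posixpath.normpath(posixpath.join(docroot, *components))
    if resolved != docroot and not resolved.startswith(prefix):
        raise RejectedRequest("path escapes document root")
    return resolved


def check(url_path: str, docroot: str = "/var/www/htdocs") -> str:
    """Return 'allow <path>' or 'deny <reason>', a form convenient for logging."""
    try:
        return "allow " + safe_resolve(url_path, docroot)
    except RejectedRequest as exc:
        return "deny " + str(exc)


if __name__ == "__main__":
    # Constructed sample request paths, including the advisory's own example.
    samples = [
        "/index.html",
        "/docs/./guide.html",
        "/%2f..%2f..%2f../ws4d.log.txt",   # advisory example, percent-encoded "/"
        "/%5c..%5c..%5cws4d.log.txt",      # same idea with percent-encoded "\"
        "/%252e%252e%2fws4d.log.txt",      # double-encoded ".."
        "/" + "A" * 2500,                  # the long-URL crash case
    ]
    for path in samples:
        print(f"{check(path):45s} <- {path[:40]}")
```

	The ".." check and the docroot containment check are deliberately independent: if a future change to the decoding step lets a traversal component slip through, the prefix comparison still refuses the request, and the deny reason tells the operator which layer caught it.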

SOLUTION

	None yet.
