[Full-Disclosure] directory traversal in ParaChat Server 5.5

• Previous message: Luigi Auriemma: "[Full-Disclosure] Code execution in Icecast 2.0.1"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: <full-disclosure@lists.netsys.com>
Date: Tue, 28 Sep 2004 21:12:23 -0000

                           Donato Ferrante

Application: ParaChat Server
              http://www.parachat.com/

Version: 5.5

Bug: directory traversal

Date: 28-Sep-2004

Author: Donato Ferrante
              e-mail: fdonato@autistici.org
              web: www.autistici.org/fdonato

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

1. Description
2. The bug
3. The code
4. The fix

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

----------------
1. Description:
----------------

Vendor's Description:

"ParaChat Server v5.5 is a fast, easy and affordable way to host and
manage your own real-time communication software - for one web site,
or for multiple web sites."

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

------------
2. The bug:
------------

The server is not able to manage the sequence "..%5C/", that is
equal to "..\/", this lets an attacker to navigate through the
victim system simply using a web browser.

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

-------------
3. The code:
-------------

To test the vulnerability:

http://[host]:7877/..%5C/..%5C/

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

------------
4. The fix:
------------

Vendor was contacted.
Bug will be fixed in the next version.

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

• Previous message: Luigi Auriemma: "[Full-Disclosure] Code execution in Icecast 2.0.1"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages MyBloggie 2.1.6 SQL Injection ... Web Site: http://mybloggie.mywebland.com/ ... Bug: SQL Injection ... Fix Available: No ... (Bugtraq) WebTester 5.0.2 sql injection and XSS vulnerabilities ... Bug: Cross Site Scripting and SQL Injection ... Fix Available: No ... download the latest version from the web site. ... (Bugtraq) Re: WHY IS THE TEXT CURSOR TINIER THAN MY FONT IN WORD 2003? ... bug and this is reported to fix it. ... Word MVP web site http://word.mvps.org ... (microsoft.public.word.docmanagement) directory traversal in ParaChat Server 5.5 ... Application: ParaChat Server ... The bug ... The fix ... manage your own real-time communication software - for one web site, ... (Bugtraq) directory traversal in ParaChat Server 5.5 ... Application: ParaChat Server ... The bug ... The fix ... manage your own real-time communication software - for one web site, ... (Bugtraq)