Eserv 2.97 Password Protected File Arbitrary Read Access Vulnerability

From: Tamer Sahin (ts@securityoffice.net)
Date: 01/10/02 

From: "Tamer Sahin" <ts@securityoffice.net>
To: <bugtraq@securityfocus.com>
Date: Thu, 10 Jan 2002 01:28:46 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Eserv 2.97 Password Protected File Arbitrary Read Access
Vulnerability

Type:
File Disclosure

Release Date:
January 10, 2002

Product / Vendor:
Eserv Mail, News, Web, FTP and Proxy Servers for Win95/98/NT/2000

http://www.eserv.ru

Summary:
The vulnerability allows you to view any password protected files and
folders on the webserver.

http://host/./passwordprotected/

Example:
All services control panel.

http://host/./admin/

Tested:
Windows 2000 / Eserv 2.97

Vulnerable:
Eserv 2.97 (And may be other.)

Disclaimer:
http://www.securityoffice.net is not responsible for the misuse or
illegal use of any of the information and/or the software listed on
this security advisory.

Author:
Tamer Sahin
ts@securityoffice.net
http://www.securityoffice.net

Tamer Sahin
http://www.securityoffice.net
PGP Key ID: 0x2B5EDCB0 Fingerprint:
B96A 5DFC E0D9 D615 8D28 7A1B BB8B A453 2B5E DCB0

-----BEGIN PGP SIGNATURE-----
Version: PGP 7.1

iQA/AwUBPDzSLbuLpFMrXtywEQJI+gCg1oKSgv5sB0sbDpLQ7vOgLt3uXacAoPZG
2z9kL3NZbT5BAErnopuXiBm1
=zRLx
-----END PGP SIGNATURE-----

Relevant Pages

  • Eserv 2.97 Password Protected File Arbitrary Read Access Vulnerability
    ... Eserv 2.97 Password Protected File Arbitrary Read Access ... FREE E-COMMERCE SECURITY INFRASTRUCTURE GUIDE ... When building an e-commerce site, you want to start with a strong, secure ...
    (NT-Bugtraq)
  • [NT] EServ Password Protected File Arbitrary Read Access Vulnerability
    ... EServ is a Mail, News, Web, FTP, and Proxy Server ... A vulnerability in the product allows ... The information in this bulletin is provided "AS IS" without warranty of any kind. ... In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. ...
    (Securiteam)
  • [Full-Disclosure] eServ Memory Leak Solution
    ... the cause and solution of the eServ ... but cannot be exploited to cause major memory loss. ... eServ has had one other vulnerability, a buffer overrun in its virtual host ... I was also informed during discussions with the developer that the reason ...
    (Full-Disclosure)
  • eServ Memory Leak Solution
    ... the cause and solution of the eServ ... but cannot be exploited to cause major memory loss. ... eServ has had one other vulnerability, a buffer overrun in its virtual host ... I was also informed during discussions with the developer that the reason ...
    (Bugtraq)
  • Memory-leak vulnerability in EServ/3.00
    ... eServ includes Mail, News, Web, FTP and Proxy Servers. ... It's the most popular russian server. ... Several time ago similar vulnerability was founded in EServ/2.99 ...
    (Bugtraq)