Pi3Web/2.0.0 File-Disclosure/Path Disclosure vuln

From: Tekno pHReak (tek@superw00t.com)
Date: 03/10/02


Date: 10 Mar 2002 04:23:45 -0000
From: Tekno pHReak <tek@superw00t.com>
To: bugtraq@securityfocus.com


('binary' encoding is not supported, stored as-is)

Pi3Web/2.0.0 File-Disclosure/Path Disclosure
***************************************************
Vulnerability
*************

Discovered by: Teknophreak of Malloc()
**************************************
Date: March 9 2002
*******************
Contact: tek@superw00t.com
***************************

Pi3Web is a Webserver available for multiple
Microsoft Windows
platforms.


There are multiple disclosure flaws within the
webserver
that may assist an attacker in performing more
concentrated
attacks against the server and also can allow the
disclosure
of sensitive files on the webserver.

To see the webroot directory just simply cause a 404
error:

http://pi3web-host.com/fake_page


To view files on the web server that you are not
supposted to
be seen do something like:

http://pi3web-host.com/*.extension




Quick Fix:
-------------

Don't use it or wait for vendor patch.




Relevant Pages

  • Re: nobody using sudo -- scary!
    ... don't run your webserver as "nobody". ... If this web server is tightly controlled and only used for controlling ... it permission to run that script. ...
    (comp.lang.perl.misc)
  • Re: design issue - embedded webserver application
    ... A webserver should run on the SBC so that the system can be configured ... using some scripts embedded in html which the webserver then parses ... or suggestions about which technologies to use (cgi for interface? ... trivial learning curve if you don't know what a web server really does ...
    (comp.arch.embedded)
  • Re: PHP Runs In WinXP Command Window But Not In Browser
    ... A surfer users their web browser to send a request to a webserver at ... php script processor back to the web browser. ... You need to check that your web server is working. ...
    (comp.lang.php)
  • RE: website inside or outside the domain?
    ... it is better not to have domain authentication traffic ... publicly accessible web server in a DMZ, with a DC also in the DMZ ... > webserver is ... network) its not the best model to use. ...
    (Focus-Microsoft)
  • backup operation: back up the files belong to www-run
    ... I need to decide how to back up my web server from my office. ... then the script cannot read the files web visitors uploaded (permission ... I try to let my backup script connect to the webserver as root. ...
    (comp.os.linux.security)