Symantec Mail-Gear 1.0 Web interface Server Directory Traversal

From: Ussr Labs (labsat_private)
Date: Mon Nov 29 1999 - 08:00:36 PST

Next message: Mike Boto: "Netscape Communicator 4.7 - Navigator Overflows"

Previous message: Mnemonix: "NTInfoScan (now aka Cerberus Internet Scanner) has been updated"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Symantec Mail-Gear 1.0 Web interface Server Directory Traversal
Vulnerability


PROBLEM

UssrLabs found a Symantec Mail-Gear 1.0  Web interface Server Directory
Traversal Vulnerability
Using the string '../' in a URL, an attacker can gain read access to
any file outside of the intended web-published filesystem directory

There is not much to expand on this one....

Example:

http://ServerIp:8003/Display?what=../../../../../autoexec.bat      to show
autoexec.bat


Vendor Status:
Contacted

Vendor   Url: http://www.symantec.com/urlabs/public/index.html
Program Url: http://www.symantec.com/urlabs/public/download/download.html

Credit: USSRLABS

SOLUTION
 Upgrade to Symantec Mail-Gear 1.1

u n d e r g r o u n d  s e c u r i t y  s y s t e m s  r e s e a r c h
http://www.ussrback.com

Next message: Mike Boto: "Netscape Communicator 4.7 - Navigator Overflows"
Previous message: Mnemonix: "NTInfoScan (now aka Cerberus Internet Scanner) has been updated"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:14:37 PDT