Viewing arbitrary file from the file system using Eshare Expressions 4 server

From: Alex Forkosh (aforkoshat_private)
Date: Mon Feb 04 2002 - 22:18:42 PST

Next message: Stephen: "OSX ICQ DoS"

Previous message: Swift Griggs: "Re: Vulnerability in Black ICE Defender"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

There is a bug in Expressions server where you can view any file on the
drive that the server is installed on by using simple ../../

Example:
If eshare server Is installed at:
C:\eshare\expressions
And lets say this is an NT4.0 machine with os installed in c:\winnt
It is possible to pull win.ini file from winnt directory using 

Proto://domainname.com/../../../../../winnt/win.ini

Any file can be viewed in the manner.

Next message: Stephen: "OSX ICQ DoS"
Previous message: Swift Griggs: "Re: Vulnerability in Black ICE Defender"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Feb 05 2002 - 09:39:07 PST