Directory traversal in Daniel Arenz' Mini Server

From: Marc Ruef (marc.ruefat_private)
Date: Sun Oct 13 2002 - 01:29:53 PDT


    Hi!
    
    There is a directory traversal flaw in Daniel Arenz' Mini Server 2.1.6
    (tested on Windows XP Professional). It could be that prior versions are
    also affected.
    
    It's possible to show every file on the target system that is readable
    by the web server by using one of the following URLs:
    
    http://192.168.0.2/../../windows\win.ini
    http://192.168.0.2/..\..\windows\win.ini
    http://192.168.0.2/AAA[...]AAA..\..\..\..\windows\win.ini
    
    It should not be possible to hop through the file system by using some
    metacharacters (e.g. "..").
    
    Another problem is that the log window has an upper limit for entries.
    If the window is full, no more entries can be added.
    
    It would make sense to overwrite the first records or clear the whole
    window after the overflow.
    
    My email to Daniel was sent on 02/10/12. He acknowledged the
    vulnerability a day later and wrote that he'll fix the bug(s) in the
    upcoming version 3.0.
    
    Bye, Marc
    
    -- 
    Computer, Technik und Security
    http://www.computec.ch
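
Added example, not part of the original message and not Mini Server's code: a request-path resolver that refuses the three URL forms reported above by applying Windows path rules, shown beside an unchecked join that illustrates the flaw class. The document root `C:\miniserver\www`, the function names and the sample requests are assumptions constructed for illustration.

```python
import ntpath  # Windows path rules, usable on any OS for pure path arithmetic
from urllib.parse import unquote

DOCROOT = r"C:\miniserver\www"  # hypothetical document root (assumption)

def unchecked_join(url_path, docroot=DOCROOT):
    """Flaw class: join the request path to the docroot and normalise, no check."""
    return ntpath.normpath(ntpath.join(docroot, unquote(url_path).lstrip("/\\")))

def resolve_request_path(url_path, docroot=DOCROOT):
    """Return the file path under docroot, or None if the request must be refused."""
    decoded = unquote(url_path)  # decode exactly once, before any check
    if "\x00" in decoded or ":" in decoded:
        return None  # NUL bytes, drive letters and NTFS stream names
    # On Windows both '/' and '\' separate components, so split on both.
    parts = [p for p in decoded.replace("\\", "/").split("/") if p]
    # Refuse '.', '..' and any component made only of dots and spaces.
    if any(p.rstrip(". ") == "" for p in parts):
        return None
    root = ntpath.normpath(docroot)
    candidate = ntpath.normpath(ntpath.join(root, *parts))
    # Defence in depth: the normalised result must still sit under the docroot.
    common = ntpath.commonpath([root, candidate])
    if ntpath.normcase(common) != ntpath.normcase(root):
        return None
    return candidate

# Constructed sample requests modelled on the URL forms in the report.
SAMPLES = [
    "/index.html",
    "/../../windows\\win.ini",
    "/..\\..\\windows\\win.ini",
    "/" + "A" * 64 + "..\\..\\..\\..\\windows\\win.ini",  # constructed prefix length
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(f"{s[:30]!r:36} unchecked={unchecked_join(s)!r} "
              f"checked={resolve_request_path(s)!r}")
```
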
    


