-----BEGIN PGP SIGNED MESSAGE----- ################################################################ # _____ __ __ ___ # # ........\ \.| |.| |/ \........ # # : / \| | | | __> : # # : / _ \ |_| | / __ : # # : / / \ | <_/ \ : # # :..../ _/ / _ | ` \....: # # : \_________/__| |__|_______/ : # # : Damage Hacking Group : # # : Security Advisory : # # :.............................: # # # # http://www.dhgroup.org # #b d# ##b,________________________________________________________.d## | | Product: Son hServer v0.2 Authors: super-m.narod.ru | Vulnerability: directory traversal | #--------------------------------------------------------------# | Overview: | ~~~~~~~~~ Small russian http server | | #--------------------------------------------------------------# | Problem: | ~~~~~~~~ This server doesn't filter the "|" (slash) symbol. | | #--------------------------------------------------------------# | Exploit: | ~~~~~~~~ Type in your browser: "http://[server]/.|./" and enjoy ;) | | #--------------------------------------------------------------# | :wow: | www.dhgroup.org -=> opened English version! Come on in :) ~~~ NeKr0 /DHG www.dhgroup.org | | #______________________________________________________________# \___________________________da_end___________________________/ Best regards www.dhgroup.org D4rkGr3y icq 540981 -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com> iQCVAwUBPtaTcm4LIpseSJmPAQGULAP8Cwy21KIFzkUd+OxQBkO8cReTtn2xLo/k r/N6wSvMCXk3LKqrLAh+pdHXt76rqX9zI5z2nwrV8P05S4DYtlFSGPDMiCFEyQ/u LZwRs6HiuF3A0DBph9AXAJEfNZfUsX9M619kLk1RTK22T0GqcsPG+fZCh8RBdCBp /zIvGD+T5gc= =it5C -----END PGP SIGNATURE-----
This archive was generated by hypermail 2b30 : Wed May 28 2003 - 21:10:13 PDT