[VIM] Verified: dot in Miniwebsvr 0.0.6
Heinbockel, Bill
heinbockel at mitre.org
Tue Feb 13 10:32:47 EST 2007
Research: bl4ck
BUGTRAQ:20070211 Miniwebsvr 0.0.6 - Directory traversal
In src/server.c (lines 221-229):
    // Check for sub-root hacking, If found send a forbidden.
    if (strstr(filename,"../")!=NULL)
    {
        strlcat(inst->logbuffer," ;",SERVER_BUFFER_SIZE);
        setHeader_respval(inst,403); // Forbidden
        printHeader(inst,headeronly,Buffer,SEND_BUFFER_SIZE); // No need to read
        goto serverquit;
    }
So only a directory traversal of .. will work.
William Heinbockel
Infosec Engineer
The MITRE Corporation
202 Burlington Rd. MS S145
Bedford, MA 01730
heinbockel at mitre.org
781-271-2615
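Added example (not from the Miniwebsvr source or from the post above): a lexical path-containment check in C that resolves "." and ".." segments and rejects any request that would climb above the document root, instead of searching for one literal substring. Function names are hypothetical; it assumes the request path has already been URL-decoded and treats both '/' and '\' as separators to be conservative.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

#define MAX_SEGMENTS 64

static bool is_sep(char c) { return c == '/' || c == '\\'; }

/* Normalise `request` into `out` (size outsz) as a root-relative path.
 * Returns false if any ".." would escape the root, if the path nests
 * deeper than MAX_SEGMENTS, or if the result does not fit in `out`.
 * Purely lexical: no filesystem access, so it can run before open(). */
bool path_within_root(const char *request, char *out, size_t outsz)
{
    size_t starts[MAX_SEGMENTS]; /* offset in out where each segment begins */
    size_t depth = 0, len = 0;
    const char *p = request;

    if (outsz == 0)
        return false;
    while (*p) {
        while (is_sep(*p)) p++;               /* collapse repeated separators */
        if (!*p) break;
        const char *seg = p;
        while (*p && !is_sep(*p)) p++;
        size_t seglen = (size_t)(p - seg);

        if (seglen == 1 && seg[0] == '.')
            continue;                          /* "." is a no-op */
        if (seglen == 2 && seg[0] == '.' && seg[1] == '.') {
            if (depth == 0)
                return false;                  /* would climb above the root */
            len = starts[--depth];             /* pop the previous segment */
            continue;
        }
        if (depth == MAX_SEGMENTS || len + seglen + 1 >= outsz)
            return false;                      /* too deep or too long */
        starts[depth++] = len;
        if (len > 0) out[len++] = '/';
        memcpy(out + len, seg, seglen);
        len += seglen;
    }
    out[len] = '\0';
    return true;
}

/* Helper: true iff `req` is accepted and normalises exactly to `expected`. */
bool normalises_to(const char *req, const char *expected)
{
    char buf[256];
    return path_within_root(req, buf, sizeof buf) && strcmp(buf, expected) == 0;
}
```

The check is applied to the decoded path, so it covers any spelling of ".." the server accepts rather than only the "../" substring; the open() that follows should still fail closed on symlinks if the server is meant to be confined to the document root.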