[VIM] Webmin traversal - changelog

George A. Theall theall at tenablesecurity.com
Tue Jul 11 09:55:44 EDT 2006


Heinbockel, Bill wrote:

> Is this (CVE-2006-3392) related to the recent posting on Bugtraq?
> http://www.securityfocus.com/archive/1/archive/1/439653/100/0/threaded
...
> which lists a directory traversal URL similar to that below:
> http://[url]/unauthenticated/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/[file]
> (the "/..%01" sequence is repeated 61 times).

Yes, it's *very* similar to the exploit I used when I wrote my Nessus
plugin to test for the original flaw:

  http://www.nessus.org/plugins/index.php?view=viewsrc&id=21785

That plugin was first published on 6/30.

George
-- 
theall at tenablesecurity.com

