- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 19383
- Проверка EDB
-
- Пройдено
- Автор
- EEYE
- Тип уязвимости
- REMOTE
- Платформа
- MULTIPLE
- CVE
- null
- Дата публикации
- 1999-02-22
Qbik WinGate Standard 3.0.5 - Log Service Directory Traversal
Код:
source: https://www.securityfocus.com/bid/507/info
The WinGate log service is configured by default to only allow connections from 127.0.0.1, but can be set to allow connections from anywhere. Either way, there is a vulnerability that will allow any file to be read through the log service port over an http connection.
Update (October 16, 2000):
Blue Panda <[email protected]> has discovered that a variation of the vulnerability exists in recent versions. Using escaped characters, one can achieve the same effect.
There are various ways of exploiting this.
NT and Win9x:
h t t p://www.server.com:8010/c:/
h t t p://www.server.com:8010//
Win9x only:
h t t p://www.server.com:8010/..../- Источник
- www.exploit-db.com
