Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Avenger's News System Directory Traversal Vulnerability

Avenger's News System Directory Traversal Vulnerability

by Nikola Strahija on February 23rd, 2002 ANS does not filter dot-dot-slash (../) sequences from web requests, making it prone to directory traversal attacks. As a result, the attacker may display the contents of arbitrary web-readable files.


Information disclosed in this manner may aid the attacker in further "intelligent" attacks against the host.

Remote: Yes

Exploit: This issue may be exploited with a web browser.

Solution: The following workaround has been suggested:

(replace the offending code with):

if (substr($QUERY, 0, 2) eq "p="){
$QUERY =~ s/([&;`'|"*?~^()[]{}$nr])/$1/g; #filter meta
characters
$QUERY =~ s/..//g; #filter double dot (..)
$plugin = substr((split /&/, $QUERY)[0], 2);
if (index("$QUERY", "&") ;
close (PLUGIN);

eval("@plugin");
exit;
}


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »