Hi.
Below is a snippet of a mail sent to Bugtraq last weekend.
I've been playing around with this a bit and I discovered that you can also download files using a URL like this:
(%5c = "/")
This will give you the file you want.
Stian Myhre
Norway.
on 3/30/01 11:26 PM, "lovehacker" <[EMAIL PROTECTED]> wrote:
> Topic:
> Tomcat 3.2.1 for win2000 Directory traversal Vulnerability
>
> vulnerable:
> Tomcat 3.2.1 for win2000
> maybe for other operating system also.
>
> discussion:
> A security vulnerability has been found in Windows
> NT/2000 systems that have Tomcat 3.2.1 installed. The
> vulnerability allows remote attackers to access files
> outside the document root directory scope.
>
> exploits:
> http://target:8080/%2e%2e/%2e%2e/%00.jsp
> It is possible to cause the Tomcat server to Listing
> outside the document root directory scope.
>
> solution:
> None
>
> Copyright 2000-2001 CHINANSL. All Rights Reserved. Terms of use.
>
> CHINANSL Security Team
> <[EMAIL PROTECTED]>
> CHINANSL INFORMATION TECHNOLOGY CO.,LTD
> (http://www.chinansl.com)
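Added example, not part of either mail and not Tomcat's own code: a request-path check that a front-end filter or log review script could apply to the encodings mentioned in this thread (`%2e%2e`, `%5c`, `%00`). The function names, the decode-round limit and the sample paths other than the advisory's are assumptions constructed for illustration.

```python
from urllib.parse import unquote_to_bytes

MAX_DECODE_ROUNDS = 3  # assumption: bound on repeated percent-decoding


def decode_path(raw_path):
    """Percent-decode repeatedly (bounded) so double-encoded input is seen too."""
    data = raw_path.encode("ascii", "replace")
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote_to_bytes(data)
        if decoded == data:
            break
        data = decoded
    return data


def path_findings(raw_path):
    """Return the reasons a request path should be rejected or alerted on."""
    findings = []
    decoded = decode_path(raw_path)
    if b"\x00" in decoded:
        findings.append("nul-byte")      # %00 placed before an extension
    if b"\\" in decoded:
        findings.append("backslash")     # %5c, a path separator on Windows
    # Walk the segments, treating "\" as a separator as Windows file APIs do,
    # and flag the path as soon as ".." climbs above the document root.
    depth = 0
    for seg in decoded.replace(b"\\", b"/").split(b"/"):
        if seg in (b"", b"."):
            continue
        if seg == b"..":
            depth -= 1
            if depth < 0:
                findings.append("escapes-root")
                break
        else:
            depth += 1
    return findings


if __name__ == "__main__":
    # First path is the one quoted in the advisory; the rest are constructed.
    samples = ["/%2e%2e/%2e%2e/%00.jsp", "/a%5cb.jsp",
               "/%252e%252e/x", "/docs/../index.html", "/examples/index.jsp"]
    for path in samples:
        print(path, "->", path_findings(path) or "ok")
```
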