RobTex Viking Web/Proxy Server Relative Path Vulnerability

A vulnerability exists that lets an attacker break out of Web root by using relative paths.

Ken Pfeil

April 25, 2001

1 Min Read
ITPro Today logo in a gray background | ITPro Today

Reported April 23, 2001, by Joetesta.

VERSION AFFECTED

  • RobTex Viking Web/Proxy Server 1.07 for Windows 2000, Windows NT, and Windows 9x

DESCRIPTION

Avulnerabilityexists that lets an attacker break out of Web root by using relative paths. Forexample, an attacker can gain access to files outside of the Web root directoryby connecting to a vulnerable host and issuing the command http:///....

 

VENDOR RESPONSE

 

Thevendor, RobTex, has released build378 that corrects this issue.

 

CREDIT
Discovered by Joetesta.

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like