RobTex Viking Web/Proxy Server Relative Path Vulnerability
A vulnerability exists that lets an attacker break out of Web root by using relative paths.
Ken Pfeil
April 25, 2001
1 Min Read
Reported April 23, 2001, by Joetesta.
VERSION AFFECTED
RobTex Viking Web/Proxy Server 1.07 for Windows 2000, Windows NT, and Windows 9x
DESCRIPTION
Avulnerabilityexists that lets an attacker break out of Web root by using relative paths. Forexample, an attacker can gain access to files outside of the Web root directoryby connecting to a vulnerable host and issuing the command http:///....
VENDOR RESPONSE
Thevendor, RobTex, has released build378 that corrects this issue.
CREDIT
Discovered by Joetesta.
About the Author
Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
You May Also Like