alt-n WorldClient standard 2.1 - Directory Traversal

EDB-ID:

20070

CVE:

2000-0660

EDB Verified:

Author:

Rikard Carlsson

Type:

remote

Exploit: /

Platform:

Windows

Date:

2000-07-12

Vulnerable App:

source: https://www.securityfocus.com/bid/1462/info

The HTTP interface for WorldClient 2.1 is vulnerable to a directory traversal. By requesting a URL composed of the filename and ..\ it is possible for a remote user to retrieve and dowload any file of known location.

Example: 
http://email.victim.com/..\..\..\winnt\repair\sam._

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services