Hand-Crafted Software FreeProxy 3.5/3.6 - FreeWeb Directory Traversal

EDB-ID:

23532

CVE:



Author:

badpack3t

Type:

remote


Platform:

Windows

Date:

2004-01-09


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux , the course required to become an Offensive Security Certified Professional (OSCP)

GET CERTIFIED

source: https://www.securityfocus.com/bid/9388/info

It has been reported that FreeWeb server of FreeProxy may be prone to a directory traversal vulnerability that may allow a remote attacker to access information outside the server root directory. The issue may allow a remote attacker to traverse outside the server root directory by using '../' character sequences. 

FreeProxy versions 3.6 and prior are reported to be prone to this issue.

http://www.example.com/../../../../boot.ini%00.html