SecurityTracker.com
Hosting Controller "FolderManager.aspx" Lets Remote Authenticated Users View and Modify Files

SecurityTracker Alert ID: 1017447
SecurityTracker URL: http://www.golrleaf.com/id?1017447
CVE Reference: CVE-2006-6814
Original Entry Date: Dec 27 2006
Updated: May 20 2008
Category: Application (Generic)
Vendors: HostingController.com
Impact: Disclosure of system information, Disclosure of user information, Modification of system information, Modification of user information
Exploit Included: Yes
Version(s): 7c (7.00.0003)

Description: Soroush Dalili of Kapda and GSG reported a vulnerability in Hosting Controller. A remote authenticated user can view and modify files on the target system.

A remote authenticated user can invoke the "FolderManager.aspx" script and supply a BrowsePath value that contains directory traversal characters ("\..\") to view or modify arbitrary files on the target system.

A demonstration exploit URL is provided:

http://[target]/FolderManager/FolderManager.aspx?BrowseLevel=1&BrowsePath=[SITE NORMAL PATH]\..\..\..\..\program%20files

The original advisory is available at:

http://www.golrleaf.com/advisory-458.html

Impact: A remote authenticated user can view and modify files on the target system.

Solution: No solution was available at the time of this entry.

Vendor URL: www.hostingcontroller.com
Cause: Access control error, Input validation error
Underlying OS: Windows (Any)
Advisory: GrayHatz Security Group
Reported By: s d <irsdl@yahoo.com>
Message History: None.

Source Message Contents

Date: Tue, 26 Dec 2006 23:28:15 -0800 (PST)
From: s d <irsdl@yahoo.com>
Subject: Hosting Controller 7c bug

Title: Authenticated user can see and modify all files and directories on host drive.

--------------------
[KAPDA::#63] - Hosting Controller 7c (Build No. 7.00.0003)
Vendor: Hosting Controller
Vendor URL: www.hostingcontroller.com
Demo URL: www.hostingcontrollerdemo.com
Solution: NA
Found Date: 27/12/2006
Release Date: 27/12/2006

Discussion:
--------------------
A user can see and modify all files and directories by adding "\..\" at the end of the browsing path.

Exploit: (or POC)
--------------------
http://www.golrleaf.com/FolderManager/FolderManager.aspx?BrowseLevel=1
&BrowsePath=[SITE NORMAL PATH]\..\..\..\..\program%20files
--------------------

Original Text:
--------------------
http://www.golrleaf.com/advisory-458.html

Credit:
--------------------
Soroush Dalili of Kapda and GSG
IRSDL [4t} yahoo <d0t] com
Kapda - Security Science Researchers Institute [http://www.KAPDA.ir]
GSG - Grayhatz security group [http://www.Grayhatz.net]

Copyright 2007, SecurityGlobal.net LLC