Perception's LiteServe Web Server May Disclose Password-Protected Files to Remote Users
|
|
SecurityTracker Alert ID: 1005479 |
|
CVE Reference: GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Oct 24 2002
|
Impact: Disclosure of user information
|
Exploit Included: Yes
|
Advisory: SecurityOffice.net
|
Version(s): 2.0
|
Description: An access control vulnerability was reported in Perception's LiteServe web server software. A remote user may obtain certain password-protected files on the server without having to authenticate.
SecurityOffice.net reported that a remote user can create a specially crafted URL that will bypass authentication and obtain password
protected files or folder contents on the web server. According to the report, this exploit method can only be used to obtain files
in sub-folders of the web document root directory (wwwroot).
A demonstration exploit URL is provided:
http://host/./secret/
|
Impact: A remote user can obtain certain password-protected files without authenticating.
|
Solution: No solution was available at the time of this entry.
|
Vendor URL: www.cmfperception.com/liteserve.html (Links to External Site)
|
Cause: Access control error
|
Underlying OS: Windows (Any)
|
Reported By: Tamer Sahin <ts@securityoffice.net>
|
Message History:
None.
|
Source Message Contents
|
Date: Thu, 24 Oct 2002 21:48:47 +0300
From: Tamer Sahin <ts@securityoffice.net>
Subject: [Full-Disclosure] [SecurityOffice] Liteserve Web Server v2.0 Authorization Bypass Vulnerability
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: MD5
- --[ Liteserve Web Server v2.0 Authorization Bypass Vulnerability ]--
- --[ Type
File Disclosure
- --[ Release Date
October 24, 2002
- --[ Product / Vendor
LiteServe is a powerful, full-featured Web, EMail and FTP server. This server software
is perfect for personal websites or commercial sites with high traffic demands and
multiple domains. All the services that you need work together efficiently in one
program to provide you with a feature-packed server solution that is easy to setup,
manage, and monitor.
http://www.cmfperception.com
- --[ Summary
It is possible to construct a web request which is capable of accessing the contents
of password protected files/folders on the Liteserve Web Server v2.0. This
vulnerability may only be exploited to access password-protected files in sub-folders
of wwwroot.
http://host/./secret/
- --[ Tested
Windows 2000 Sp3 / Liteserve Web Server v2.0
Windows 98 SE / Liteserve Web Server v2.0
- --[ Vulnerable
Liteserve Web Server v2.0
- --[ Disclaimer
http://www.securityoffice.net is not responsible for the misuse or illegal use of any
of the information and/or the software listed on this security advisory.
- --[ Author
Tamer Sahin
ts@securityoffice.net
http://www.securityoffice.net
All our advisories can be viewed at http://www.securityoffice.net/articles/
Please send suggestions, updates, and comments to feedback@securityoffice.net
(c) 2002 SecurityOffice
This Security Advisory may be reproduced and distributed, provided that this Security
Advisory is not modified in any way and is attributed to SecurityOffice and provided
that such reproduction and distribution is performed for non-commercial purposes.
Tamer Sahin
http://www.securityoffice.net
-----BEGIN PGP SIGNATURE-----
Version: 2.6
iQEVAwUAPbhAkvpL5ibJRTtBAQGdSwf9GuO7+01L7JpQwXqs7KBRa+v2BFf0qGaM
Zt0JfimmjPHfCDWtw+eU1yTxEG/85OMrcKvtvfWu+ifqRJOqN/0fpczX37vSN7CS
D1OtNScZT4e1bPrq2UtaWb09RZiqc2fWEj3brHGyOW/YnqYE+O8jb9BNFkUGtsCn
Nn5SJ6Hs4RFYuoAqZvF7Jkw8H6kSH5qLvex3+cUkZu6TohHodoPlwX2x0/0ITHWr
VXXNofzESywSyPc0be6smQnWA+Hxl5CmmYUXd304TLDtVpZqPQoMvPwazMp0An+S
VX8BYiLPON2xVTRDwX3U6wQ+JJW1Xe0WrnMnFSkkRSM5D2Zoe7o5Lg==
=DTXw
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
|
|
