Re: Ikonboard Bulletin Board Software Allows Remote Viewing of Files and Directories Outside of The Software's Root Directory - SecurityTracker

	Keep Track of the Latest Vulnerabilities with SecurityTracker!

Home | View Topics | Search | Contact Us |

SecurityTracker
Archives

Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary

Instant Alerts

Buy our Premium Vulnerability Notification Service to receive customized, instant alerts

Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!

Become a Partner and License Our Database or Notification Service

Report a Bug

Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com

Category: Application (Generic) > Ikonboard

Vendors: Ikonboard.com

Re: Ikonboard Bulletin Board Software Allows Remote Viewing of Files and Directories Outside of The Software's Root Directory

SecurityTracker Alert ID: 1001074

SecurityTracker URL: http://securitytracker.com/id/1001074

CVE Reference: GENERIC-MAP-NOMATCH (Links to External Site)

Date: Mar 12 2001

Impact: User access via network

Version(s): 2.1.7b

Description: It is reported that Ikonboard bulletin board software for web sites contains a vulnerability that allows remote users to view files on the server that reside outside of the product's root directory.

A user notes that version 2.16b is vulnerable to this attack as well.

This user reports their personal fix for this:

if($inhelpon =~ /\.\./) { &hackdetected; }

then at the bottome append:

sub hackdetected {
print "Content-type: text/plain\n\n";
print "sorry, this hole was patched :)\n";
print "you have been logged.\n";
exit;
}

Impact: A remote user with access to the web server could request and view files and directories outside of Ikonboard's root directory.

Solution: No solution was available at the time of this entry.

Vendor URL: www.ikondiscussion.com/ikonboard/ (Links to External Site)

Cause: Input validation error

Underlying OS: Windows (NT), Windows (2000)

Message History: This archive entry is a follow-up to the message listed below.

Ikonboard Bulletin Board Software Allows Remote Viewing of Files and Directories Outside of The Software's Root Directory

Source Message Contents

Date: Mon, 12 Mar 2001 05:27:38 -0500
Subject: Re: Ikonboard v2.1.7b "show files" vulnerability


Version 2.16b is vulnerable to this attack as well.

My fix for this was to simply insert as line 45:

if($inhelpon =~ /\.\./) { &hackdetected; }

then at the bottome append:

sub hackdetected {
print "Content-type: text/plain\n\n";
print "sorry, this hole was patched :)\n";
print "you have been logged.\n";
exit;
}

Ok course you could change this to whatever..

All of the valid helpfiles should be in the same directory as help.cgi,
so this *should* work..

-darren
----------------------------------
E-Mail: decker@n3t.net
http://n3t.net
"Finem Respice"
----------------------------------

Go to the Top of This SecurityTracker Archive Page

Home | View Topics | Search | Contact Us
Copyright 2013, SecurityGlobal.net LLC