[20844] in bugtraq
Webtrends HTTP Server %20 bug
daemon@ATHENA.MIT.EDU (Auriemma Luigi)
Mon Jun 4 11:42:13 2001
Date: Sun, 3 Jun 2001 12:41:51 +0200 (ora legale Europa occidentale)
From: Auriemma Luigi <kaino3@genie.it>
To: <BUGTRAQ@securityfocus.com>
Message-ID: <Pine.WNT.4.33.0106031211050.1496-100000@ect004>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
*** I'm sorry if this bug is already known, but I have not found it in the
SecurityFocus and other archives.
Author: Auriemma Luigi
VERSION TESTED: Webtrends HTTP Server V3.1c (Webtrends Reporting Server)
RISK: Viewing the source of the cgi scripts
The bug is really simple. If the attacker insert an unicode space (%20)
after the script file, the server think that the file requested is not a
cgi script and for this it shown the source; this is an example:
http://host/remote_login.pl%20
And the result is the source of "remote_login.pl".
I have not contacted Webtrends because I wait for more opinions, and for
result with other versions.
Thanks for your attention.
