Eserv 2.50 Web Server Directory Traversal Vulnerability
Reported November 8, 1999 by USSRLabs
VERSIONS AFFECTED
  • Eserv 2.5

DESCRIPTION

UssrLabs discovered a problem with the Eserv Web Server in which directories may be traversed using the string "../" in a URL. Through this problem, an attacker can gain read access to any file outside of the intended web-published filesystem directory.

DEMONSTRATION

A URL such as http://127.1:3128/../../../conf/Eserv.ini can be used to show the contents of the site's configuration file, including user account names.
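The flaw class described above, shown as an added example that is not Eserv's code or part of the original advisory: a request-path resolver that joins and normalises without a containment check, next to a hardened one. WEB_ROOT and both function names are assumptions made for illustration, and the hardened version goes beyond the literal "../" case to also refuse percent-encoded and backslash forms.

```python
import posixpath
from pathlib import Path
from urllib.parse import unquote

# Assumed document root for illustration; not taken from the advisory.
WEB_ROOT = Path("/srv/eserv/wwwroot")


def naive_resolve(url_path: str, root: Path = WEB_ROOT) -> str:
    """Flawed pattern: append the request path to the root and normalise,
    never checking whether the result is still under the root."""
    return posixpath.normpath(str(root) + "/" + url_path)


def safe_resolve(url_path: str, root: Path = WEB_ROOT):
    """Return the path to serve under root, or None if the request is refused."""
    # Drop the query string, decode once, and treat "\" like "/" because
    # Windows file APIs accept both separators.
    decoded = unquote(url_path.split("?", 1)[0]).replace("\\", "/")
    if "\x00" in decoded:
        return None
    # Refuse any ".." segment outright instead of trying to clean it up.
    segments = [s for s in decoded.split("/") if s not in ("", ".")]
    if ".." in segments:
        return None
    # Containment check after resolution also catches symlinks that
    # point outside the published directory.
    root_resolved = root.resolve()
    candidate = root_resolved.joinpath(*segments).resolve()
    if candidate != root_resolved and root_resolved not in candidate.parents:
        return None
    return candidate


if __name__ == "__main__":
    # Constructed sample request paths; the first is the one from the advisory.
    samples = [
        "/../../../conf/Eserv.ini",
        "/%2e%2e/%2e%2e/conf/Eserv.ini",
        "/..\\..\\conf\\Eserv.ini",
        "/index.html",
    ]
    for path in samples:
        print(f"{path!r}: naive={naive_resolve(path)!r} safe={safe_resolve(path)}")
```

A refused request (None) should be answered with an error status and logged, since repeated ".." segments in request paths are a useful detection signal in their own right.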

VENDOR RESPONSE

None as of November 8, 1999.

CREDITS
Reported by USSRLabs

Posted here at NTSecurity.NET on November 8, 1999