| VID |
21198 |
| Severity |
30 |
| Port |
80, ¡¦ |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The "store.cgi" CGI is installed. Thinking Arts LTD E-Commerce package, ES.One comes with a webstore frontend called store.cgi which allows people to basically order products on their website over a SQL database. The store.cgi program could allow a remote attacker to traverse directories on the Web server, due to insufficient checks performed on parameters passed to store.cgi through the "StartID" argument. A remote attacker can request a URL containing "dot dot" sequences (/../) and ending with '%00.html' to traverse directories and view any file on the Web server. |
| Recommendation |
No remedy available as of Feburary 2001. Remote the CGI |
| Related URL |
CVE-2001-0305 (CVE) |
| Related URL |
2385 (SecurityFocus) |
| Related URL |
6124 (ISS) |
|
