| VID |
21327 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The EasyWeb FileManager module on the remote web server is vulnerable to directory traversal. EasyWeb FileManager is a PostNuke module for managing files and directories inside a directory specified by the site admin. EasyWeb FileManager 1.0 RC-1 could allow a remote attacker to view files on the target system because user-supplied data is insufficiently sanitized. The 'ew_filemanager' script accepts specially crafted values for the 'pathext' and 'view' variables in requests such as the following:
/index.php?module=ew_filemanager&type=admin&func=manager&pathext=../../../etc
/index.php?module=ew_filemanager&type=admin&func=manager&pathext=../../../etc/&view=passwd
By sending such requests, a remote attacker could view files on the target system with the privileges of the target web service.
* Note: This check does not perform a real test for this vulnerability. It relies solely on the presence of the EasyWeb FileManager module on the remote web server, so the finding might be a false positive.
* References:
http://www.cirt.net/advisories/ew_file_manager.shtml
http://www.securitytracker.com/alerts/2004/Jul/1010768.html
* Platforms Affected: EasyWeb EasyWeb 1.0 RC-1; Linux Any version; Unix Any version; Microsoft Windows Any version |
| Recommendation |
No upgrade or patch is available as of June 2014. Contact your vendor about this vulnerability. |
| Related URL |
CVE-2004-2047 (CVE) |
| Related URL |
10792 (SecurityFocus) |
| Related URL |
16806 (ISS) |
|