
# Title : Arbitrary File Download in InterScan Web Security Virtual Appliance 5.0
# Published : 2010-06-23
# Author : Ivan Huertas


# Exploit Title: Arbitrary File Download in InterScan Web Security Virtual Appliance 5.0
# Date: 22-06-2010
# Author: Ivan Huertas
# Software Link: http://downloadcenter.trendmicro.com/index.php?clk=tbl&clkval=249&regs=NABU?_loc=1
# Version: 5.0
# Tested on: Red Hat Nash 5.1

Vulnerability Description:
The vulnerability is caused by an improper check in the "com.trend.iwss.gui.servlet.exportreport"
servlet, which allows the download of arbitrary files. Using a path traversal technique, an attacker
can change the path of the file to be downloaded by modifying the "exportname" parameter.
The "com.trend.iwss.gui.servlet.ConfigBackup" servlet is affected by the same vulnerability through
its "pkg_name" parameter.
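The flaw described above is the classic file-download traversal: a user-supplied name is joined onto a server-side export directory without verifying that the resolved path stays inside it. The following is an added example, not code from the advisory or from Trend Micro, showing the unsafe join beside a containment check that rejects traversal. The export directory name, the parameter name and the file layout are assumptions made for illustration only.

```python
"""Path-traversal containment check for a file-download parameter.

Added example; not code from the advisory or from Trend Micro. The
export directory, parameter handling and file layout are assumptions
used to illustrate the technique the advisory describes: an
exportname-style parameter joined onto a base directory.
"""
import os
import tempfile
from urllib.parse import unquote


def vulnerable_resolve(base_dir: str, exportname: str) -> str:
    """The unsafe pattern: trust the parameter and join it onto the
    export directory. "../" segments walk out of base_dir, and an
    absolute name replaces base_dir entirely."""
    return os.path.normpath(os.path.join(base_dir, exportname))


def safe_resolve(base_dir: str, exportname: str) -> str:
    """Hardened form: decode, canonicalise, and require the result to
    stay inside base_dir. Raises ValueError on traversal."""
    # Decode percent-encoding repeatedly (bounded) so that ..%2f and
    # ..%252f are judged by the path the OS would actually open.
    name = exportname
    for _ in range(3):
        decoded = unquote(name)
        if decoded == name:
            break
        name = decoded
    if "\x00" in name:
        raise ValueError("NUL byte in export name")
    base = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base, name))
    # commonpath is the containment test; a plain startswith() check
    # would wrongly accept /var/exports_evil for base /var/exports.
    if os.path.commonpath([base, target]) != base:
        raise ValueError(f"export name escapes export directory: {exportname!r}")
    return target


def is_contained(base_dir: str, exportname: str) -> bool:
    """Boolean wrapper around safe_resolve for quick policy checks."""
    try:
        safe_resolve(base_dir, exportname)
        return True
    except ValueError:
        return False


def demo() -> dict:
    """Build a constructed export directory and exercise both resolvers.

    Returns {exportname: (vulnerable_path, safe_path_or_None)}."""
    root = tempfile.mkdtemp()
    exports = os.path.join(root, "exports")
    os.mkdir(exports)
    with open(os.path.join(exports, "report.csv"), "w") as f:
        f.write("constructed report\n")          # legitimate export
    with open(os.path.join(root, "secret.txt"), "w") as f:
        f.write("must never be downloadable\n")  # lives outside exports/
    results = {}
    for name in ["report.csv", "../secret.txt", "/etc/passwd"]:
        vuln = vulnerable_resolve(exports, name)
        try:
            safe = safe_resolve(exports, name)
        except ValueError:
            safe = None
        results[name] = (vuln, safe)
    return results


if __name__ == "__main__":
    for name, (vuln, safe) in demo().items():
        print(f"{name!r:20} unsafe -> {vuln}")
        print(f"{'':20} safe   -> {safe or 'REJECTED'}")
```

The check is done on the canonical path (after `realpath`) rather than on the raw string, so symlinks and `sub/../../` tricks are judged by where the file actually lives; the decode loop exists because servlet containers decode query parameters once, and a check applied before that decoding would miss `..%2f`.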


Download:
http://www.exploit-db.com/sploits/cybsec_advisory_2010_0606_InterScan_Web_Security_5_0_Arbitrary_File_Download.pdf