| Title: | Directory traversal vulnerability in VDC iNCM |
|---|---|
| Severity: | Moderate |
| Reporter: | superkhung |
| Products: | VDC iNCM beta 9 |
| Fixed in: | -- |
VDC iNCM contains a directory traversal in its FServer module that allows an attacker to read arbitrary file on the server. An attacker can connect to port 8081 and issue a normal HTTP request for files that reside on the same drive. These files may contain sensitive data such as customer information, server database, system config file.
Administrator could filter port 8081 or turn off the FServer module for security purpose. However, this will reduce application's feature. Specifically, clients will not be able to retrieve web filter rules.
There is no fix at the moment. Customers are advised to contact the vendor directly for a proper fix.
Blue Moon Consulting adapts RFPolicy v2.0 in notifying vendors.
| Initial vendor contact: | |
|---|---|
| May 06, 2008: alert sent to incm102006@yahoo.com | |
| Vendor response: | |
| -- | |
| Public disclosure: | |
| May 13, 2008 | |
| Exploit code: | use .. to escape from installation directory |
http://<server_ip>:8081/../../../../boot.ini
The information provided in this advisory is provided "as is" without warranty of any kind. Blue Moon Consulting Co., Ltd disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. Your use of the information on the advisory or materials linked from the advisory is at your own risk. Blue Moon Consulting Co., Ltd reserves the right to change or update this notice at any time.