Sambar Server File Overwrite Vulnerability

vendor:

Sambar Server

by:

SecurityFocus

7.5

CVSS

HIGH

File Overwrite Vulnerability

264

CWE

Product Name: Sambar Server

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: Yes

Related CWE: N/A

CPE: a:sambar_software:sambar_server

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Microsoft Windows and Unix systems

2002

Sambar Server File Overwrite Vulnerability

Sambar Server is a multi-threaded HTTP server for Microsoft Windows and Unix systems. It is bundled with a sample script('pagecount') which creates temporary files on the host. However, it is possible for a remote attacker to craft a web request which will cause pagecount to overwrite existing files. Files attacked in this manner will be corrupted, leading to loss of critical data and a denial of services.

Mitigation:

Ensure that the Sambar Server is updated to the latest version and that all security patches are applied.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/3091/info

Sambar Server is a multi-threaded HTTP server for Microsoft Windows and Unix systems.

Sambar WWW Server is bundled with a sample script('pagecount') which creates temporary files on the host. However, it is possible for a remote attacker to craft a web request which will cause pagecount to overwrite existing files. Files attacked in this manner will be corrupted.

Loss of critical data and a denial of services may occur if system files are overwritten.

http://sambarserver/session/pagecount?page=index will create a file in Sambar temp directory with name 'index'

http://sambarserver/session/pagecount?page=../../../../../../autoexec.bat then the script will rewrite the first symbols of c:\autoexec.bat with it's number.

So we are able to add some text to any file on the disk.