CAT2 - exploit.company

vendor:

CAT2

by:

StAkeR

7.5

CVSS

HIGH

Local File Inclusion

CWE

Product Name: CAT2

Affected Version From: 1.2

Affected Version To: 1.2

Patch Exists: YES

Related CWE: N/A

CPE: a:cat2:cat2:1.2

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2008

CAT2 <= 1.Local File Inclusion Vulnerability

A vulnerability in CAT2 version 1.2 allows an attacker to include arbitrary files from the local file system via a specially crafted URL. The vulnerable file is objects/extern/spaw/spaw_control.class.php, which allows an attacker to include arbitrary files from the local file system via the spaw_root parameter. An attacker can exploit this vulnerability by sending a specially crafted URL containing directory traversal sequences (e.g. '../../etc/passwd%00') to the vulnerable file.

Mitigation:

Upgrade to the latest version of CAT2.

Source

Exploit-DB raw data:

@~~===========================================~~@
|  Author => StAkeR ~ StAkeR@hotmail.it         |  
@~~===========================================~~@ 
+                                                
@~~==========================================================================~~@
|  CAT2 <= 1.Local File Inclusion Vulnerability                                |
@~~==========================================================================~~@
|  objects/extern/spaw/spaw_control.class.php?spaw_root=../../etc/passwd%00    |
@~~==========================================================================~~@
+
@~~====================================================~~@
|  http://downloads.sourceforge.net/cat-2/CAT2-1_2.zip   |               
@~~====================================================~~@

# milw0rm.com [2008-07-01]