Arbitrary Files Deleting in ASG-Sentry
The fcheck.exe (File Check Utility) CGI available in ASG is used for handling some index files which contain a list of filenames and checksums. The -b option of this utility allows the creation of these index files and is possible to specify both the name of the output file and, optionally, the folder which will be scanned recursively for finding and reading the various files to add to the list. The first vulnerability is in the possibility for an external attacker to use this CGI for overwriting existent files with no data (specifying a new folder which will be created by the same program) or with the list of filenames and checksums. The second vulnerability is in the possibility for an external attacker to delete arbitrary files on the server by using the -d option of the fcheck.exe CGI. The third vulnerability is in the possibility for an external attacker to delete arbitrary files on the server by using the -r option of the fcheck.exe CGI.