vendor: LocalWEB2000 Standard
by: SecurityFocus
CVSS: 5 (MEDIUM)
Bypass Vulnerability
CWE: 20
Product Name: LocalWEB2000 Standard
Affected Version From: LocalWEB2000 Standard Version 2.1.0
Affected Version To: LocalWEB2000 Standard Version 2.1.0
Patch Exists: NO
Related CWE: N/A
CPE: //a:localweb2000
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

LocalWEB2000 Content Password Protection Bypass Vulnerability

A vulnerability exists in LocalWEB2000 related to content password protection. It is possible to have LocalWEB2000 treat files as unprotected by requesting them as files within the '.' (current) directory. If the file http://server/file.txt is set to be password protected, the protection will be bypassed if a request is made for http://server/./file.txt. This is likely due to a design error in the protection component.

Mitigation:

Ensure that all files are properly protected and that requests for files in the '.' directory are blocked.
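
One way a server can enforce the mitigation above is to decide protection on the canonical form of the request path rather than on the raw string. This is an added example, not LocalWEB2000 code or part of the original advisory; `PROTECTED`, `naive_is_protected`, `canonical_path` and `is_protected` are hypothetical names, the naive check is only an assumed model of the design error, and the canonicalization goes beyond the `./` case to cover percent-encoded and mixed-case variants.

```python
from urllib.parse import unquote, urlsplit

# Constructed sample configuration: paths the administrator marked as protected.
PROTECTED = {"/file.txt", "/protectedfolder/protectedfile.htm"}


def naive_is_protected(request_target: str) -> bool:
    """Assumed model of the flaw: compares the raw request path as a string."""
    return urlsplit(request_target).path in PROTECTED


def canonical_path(request_target: str) -> str:
    """Reduce a request target to the one form used for both the
    protection check and the file lookup.

    Raises ValueError when the path cannot be canonicalized safely,
    so the caller can fail closed.
    """
    path = unquote(urlsplit(request_target).path).replace("\\", "/")
    if "\x00" in path or not path.startswith("/"):
        raise ValueError("malformed request path")
    segments = []
    for seg in path.split("/"):
        if seg in ("", "."):      # drop empty and current-directory segments
            continue
        if seg == "..":
            if not segments:
                raise ValueError("path escapes document root")
            segments.pop()
            continue
        segments.append(seg)
    return "/" + "/".join(segments)


def is_protected(request_target: str) -> bool:
    """Hardened check: match on the canonical path, case-insensitively
    (assumes a case-insensitive file system, as on Windows)."""
    canon = canonical_path(request_target).casefold()
    return canon in {p.casefold() for p in PROTECTED}
```

The check only holds if the file is then opened from the same canonical path that was tested, so the access decision and the file lookup can never disagree.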
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/4820/info

This vulnerability was reported for LocalWEB2000 Standard Version 2.1.0. Other versions (such as the Professional Edition) may also be affected by this issue. 

http://target/./protectedfolder/protectedfile.htm