Dino's WebServer, File Traversal Vulnerability

Date: January 8, 2002
Author: CaMaLeOn
Affected: Dino's WebServer
Tested by: CaMaLeOn, DraZiw, WiZaRd
Versions Tested: 1.x
Vendor Status: Notified
Platforms: win9x, win2000, WinNT

Dino's WebServer is a small and very simple to use web server that is intended to let you set up a quick and basic web server to serve a home page from your local computer. It includes a log function as well as a simple web hit counter with different design styles to choose from. All it requires is the IP address of your machine (which it automatically detects), the web directory and the port to use. The program is intended for casual home usage only.

A vulnerability has been discovered in Dino's WebServer which may allow a remote attacker to view the contents of arbitrary files. Dino's WebServer does not adequately filter '../' sequences from web requests, so a request path can climb out of the configured web directory.

Examples:

win9x:  www.hostvulnerable.com/../windows/admin.pwl
winnt:  www.hostvulnerable.com/../winnt/system32/cmd.exe?/c+dir+c:\  (not tested)

by CaMaLeOn
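The root cause above is a server mapping the request path straight onto the filesystem without rejecting '..' components. The following is an added example (not Dino's WebServer code; the function name and web root are hypothetical) of how a web server should resolve a request-target against its document root so that such requests are refused. It also decodes percent-encoded separators and normalises backslashes, since Windows treats both as path separators.

```python
import posixpath
from pathlib import Path
from typing import Optional
from urllib.parse import unquote, urlsplit


def resolve_request_path(web_root: str, request_target: str) -> Optional[str]:
    """Map an HTTP request-target onto a file under web_root.

    Returns the resolved filesystem path as a string, or None when the
    request would escape the web root (the bug class in the advisory).
    The web root does not need to exist for the resolution to work.
    """
    # Drop the query string, then percent-decode exactly once: a request
    # encoded twice ('%252e%252e') decodes to a literal '%2e%2e' directory
    # name under the root and is harmless, so it must not be decoded again.
    raw = unquote(urlsplit(request_target).path)
    # Windows servers accept '\' as a separator, so treat it like '/'.
    raw = raw.replace("\\", "/")
    # Normalise as a root-relative path: '.' and '..' collapse, but a '..'
    # that would climb above the root survives as a leading '..' component.
    normalised = posixpath.normpath(raw.lstrip("/"))
    if normalised == ".." or normalised.startswith("../"):
        return None  # traversal attempt: refuse the request
    root = Path(web_root).resolve()
    candidate = (root / normalised).resolve()
    # Belt and braces: confirm the final filesystem path is still under the
    # root (this also catches symlinks inside the root pointing outside it).
    if candidate != root and root not in candidate.parents:
        return None
    return str(candidate)
```

Requests that normalise to a location under the web root are served; anything that would climb above it is rejected before the filesystem is touched.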