The WebConnect 6.4.4 and 6.5 contains several vulnerabilities such as: - Denial of Service when requesting an DOS Device in Path Name - Reading of files outside webroot (Directory traversal) Requesting "DOS Device in Path Name" Denial of Service When requesting a DOS device in the URL the server will stop responding to any further requests before a manual restart of service has been made. This attack can be preformed on both the client website and the administration interface. Vulnerable versions: - WebConnect 6.4.4 (Possible previous versions) - WebConnect 6.5 CERT response: - VU#552561 CAN-2004-0466 Reading of files outside webroot (Directory traversal) When sending a specially crafted request to the server it is possible to read files outside the webroot. Since the service as default runs with system rights, this could give access to the entire partition that WebConnect are installed on. Vulnerable versions: - WebConnect 6.4.4 (Possible previous versions) CERT response: - VU#628411 CAN-2004-0465 Read the full advisory for both the vulnerabilities at: http://www.cirt.dk/
