security hole...bad one.
-
Could you please fix the following? you can easily get at root with this and I've verified.
HIGHGoAhead Embedded Web Server websNormalizeUriPath() Directory Traversal Vulnerability
Description
The remote GoAhead embedded web server is affected by a directory traversal vulnerability due to a flaw in the websNormalizeUriPath() function. A remote, unauthenticated attacker can exploit this flaw to obtain arbitrary files on the affected host.
The flaw that allows the directory traversal may also be used to perform a heap-based buffer overflow, potentially allowing code execution or a denial of service condition.
Solution
Contact the vendor of the device running the GoAhead embedded web server for a fixed version.
See Also
http://www.nessus.org/u?a935864f
http://seclists.org/oss-sec/2015/q1/1028
Output
Nessus was able to exploit the issue to retrieve the contents of
'/etc/passwd' using the following request : -
I can't put the rest of the article because your forum thinks I'm putting in forbidden data that could crash the site. Just read the link from nessus. THanks
-
Hi Aniehues,
Gohead does have this security risk. so we changed to Njnix two months ago. pls visit our website to get the latest firmware.
