directory traversal / slash escape

Discussion in 'Computer Security' started by .merlin, Aug 29, 2003.

  1. .merlin

    .merlin Guest

    Hello,

    I've tested my website using an automated web security scanner
    (nikto) which told me the service is vulnerable to directory traversal.

    The example request:
    http://site/_vti_bin/..%2f..%2f..%2f..%2f..%2f..%2f..%2fwinnt/system32/cmd.exe?/c+

    This test was made on a winnt4 server, with iis and frontpage installed,
    with windows update regularly checked and patched if needed.

    1) Do I have to consider this a real risk or not?
    2) Considering the web server root is on another disk than the system,
    I always thought it was impossible to switch to another disk through
    that kind of command. Is this true or not?

    Any answer appreciated ; )

    ..merlin
     
    .merlin, Aug 29, 2003
    #1
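
A defender-side check for the request pattern quoted in the post above, as an added example that is not part of the original thread: it percent-decodes a request path until it stops changing, then reports whether the `..` segments climb above the web root. It goes slightly beyond the single-encoded `%2f` case by also unwrapping nested encodings and backslashes; the function names and every sample URL except the one quoted from the post are constructed for illustration.

```python
from urllib.parse import unquote, urlsplit

MAX_DECODE_ROUNDS = 5  # assumption: enough to unwrap nested encodings like %252f


def fully_decode(path):
    """Percent-decode repeatedly until the string stops changing."""
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path


def escapes_root(url):
    """Return True if the decoded URL path climbs above the web root."""
    # Treat backslashes as separators too, as a Windows server would.
    path = fully_decode(urlsplit(url).path).replace("\\", "/")
    depth = 0
    for segment in path.split("/"):
        if segment in ("", "."):
            continue
        if segment == "..":
            depth -= 1
            if depth < 0:  # one more ".." than directories entered
                return True
        else:
            depth += 1
    return False


def flag_requests(urls):
    """Return the request URLs that try to climb out of the web root."""
    return [u for u in urls if escapes_root(u)]


# Constructed sample input: the first URL is the one quoted in the post,
# the others are made up for illustration.
SAMPLE_REQUESTS = [
    "http://site/_vti_bin/..%2f..%2f..%2f..%2f..%2f..%2f..%2fwinnt/system32/cmd.exe?/c+",
    "http://site/_vti_bin/..%252f..%252fwinnt/system32/cmd.exe",
    "http://site/_vti_bin/..%5c..%5cwinnt/system32/cmd.exe",
    "http://site/docs/a/../b/page.htm",
]

if __name__ == "__main__":
    for url in flag_requests(SAMPLE_REQUESTS):
        print("traversal attempt:", url)
```

Run over the request URLs in the web server log, a hit means the request was a traversal attempt; whether the server honoured it has to be read from the response status and size logged for that request.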