Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:WEBSTER:DIR-TRAVERSAL

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 http traversal webster msdn

Release Date

 2003/04/22

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Webster Directory Traversal


This signature detects directory traversal attacks against Webster HTTPd that ships with the MSDN Samples Pack. Attackers can send a maliciously crafted GET request to the host to access files on the system that are available to the Web server daemon.

Extended Description

A file disclosure vulnerability has been discovered in Webster HTTP Server. It has been reported that by passing directory traversal sequences to the vulnerable server, it is possible to access arbitrary files located on the system. Information gained by exploiting this vulnerability may assist attackers in launching further attacks against target systems.

Affected Products

  • Webster Webster HTTP Server

References

  • BugTraq: 6291
  • URL: http://www.securiteam.com/windowsntfocus/6R0030A6AY.html
  • URL: http://www.netdave.com/webster/webster.htm

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out