OSVDB ID: 19479

Title: TAC Vista ISALogin.dll Template Parameter Traversal Arbitrary File Access

Dates

Disclosure: Sep 16, 2005
Discovery: Sep 01, 2005
Exploit: Sep 16, 2005
Solution: Unknown

Description

TAC Vista Webstation contains a flaw that allows a remote attacker to traverse outside of the web path. The issue is due to the ISALogin.dll program not properly sanitizing user input, specifically directory traversal sequences (../../) supplied via the Template variable.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Confidentiality
Exploit: Exploit Public
OSVDB: Web Related

Solution

Upgrade to version 4.3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

TAC Vista Webstation 3.0

References

Credit

  • Dennis Rand - advisorycirt.dk - Danish Computer Incident Response Team


Direct URL: http://osvdb.org/19479