OSVDB ID: 28262

Title: Cybozu Multiple Products ag.exe id Parameter Traversal Arbitrary File Access

Dates

Disclosure: Aug 28, 2006
Discovery: Jul 04, 2006
Exploit: Aug 28, 2006
Solution: Unknown

Description

Cybozu Office contains a flaw that allows a remote attacker to download arbitrary files via a directory traversal attack. The issue is due to ag.exe not properly sanitizing user input, specifically directory traversal sequences (../../) supplied via the 'id' parameter.

Classification

Location: Remote / Network Access
Attack Type: Information Disclosure, Input Manipulation
Impact: Loss of Confidentiality
Exploit: Exploit Public
OSVDB: Web Related

Solution

Upgrade to Office version 6.6 (Build 1.3) or higher, AG version 1.2 (1.5) or higher, AG Pocket 5.2 (0.8) or higher, Garoon 1.5 (4.1) or higher, or Mailwise 3.0 (0.3) or higher, as they have been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Cybozu

  • AG 1
  • AG Pocket 5
  • Mailwise 3
  • Garoon 1
  • Office 6.5 (Build 1.2)

References

Credit

  • Tan Chew Keong - vulnsecunia.com - Secunia Research


Direct URL: http://osvdb.org/28262