Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitdbJoetestaEDB-ID:20793
HistoryApr 23, 2001 - 12:00 a.m.

RobTex Viking Server 1.0.7 - Relative Path Webroot Escaping

2001-04-2300:00:00
joetesta
www.exploit-db.com
27

AI Score

7.4

Confidence

Low

JSON
source: https://www.securityfocus.com/bid/2643/info

The Viking Server is a freely available software package maintained and distributed by Robtex. The Viking Server provides multiple protocol service on Windows 95, 98, and NT systems.

A problem in the software package could make it possible for remote users to gain access to sensitive system files. Due to the improper handling of relative paths by the HTTP serving portion of the Viking Server, a user requesting a relative path such as "\...\" can gain access to the root directory, breaking out of the webroot.

This problem makes it possible for remote user to gain access to sensitive system files, and potentially local access. 

http://vulnerable.system/\...\

Related

cert 1
cvelist 1
cve 1
nvd 1
cert
cert
Robtex Viking Web Server permits traversal out of HTTP docs root directory
2001-06-13 00:00:00
cvelist
cvelist
CVE-2001-0467
2001-09-18 04:00:00
cve
cve
CVE-2001-0467
2001-09-18 04:00:00
nvd
nvd
CVE-2001-0467
2001-06-27 04:00:00

AI Score

7.4

Confidence

Low

JSON
Related for EDB-ID:20793
cert1cvelist1cve1nvd1