The WebConnect 6.4.4 and 6.5 contains several vulnerabilities
The WebConnect 6.4.4 and 6.5 contains several vulnerabilities such as:
- Denial of Service when requesting an DOS Device in Path Name
- Reading of files outside webroot (Directory traversal)
Requesting "DOS Device in Path Name" Denial of Service
When requesting a DOS device in the URL the server will stop responding
to any further requests before a manual restart of service has been made.
This attack can be preformed on both the client website and the
administration interface.
Vulnerable versions:
- WebConnect 6.4.4 (Possible previous versions)
- WebConnect 6.5
CERT response:
- VU#552561 CAN-2004-0466
Reading of files outside webroot (Directory traversal)
When sending a specially crafted request to the server it is possible to
read files outside the webroot. Since the service as default runs with
system rights, this could give access to the entire partition that
WebConnect
are installed on.
Vulnerable versions:
- WebConnect 6.4.4 (Possible previous versions)
CERT response:
- VU#628411 CAN-2004-0465
Read the full advisory for both the vulnerabilities at:
http://www.cirt.dk/