Provided by Aanval (Snort & Syslog Intrusion Detection and Correlation Engine) www.aanval.com
--
| GEN:SID | 1:2371 |
| Message | WEB-MISC Sample_showcode.html access |
| Summary | This event is generated when an attempt is made to access Sample_showcode.html, a component of the Niti Telecom Caravan Business Server. |
| Impact | Information disclosure. Possible directory traversal. |
| Detailed Information | Caravan Business Server is used to develop web applications. An external user can perform a directory traversal attack against the server by manipulating the fname parameter in the Sample_showcode.html file. |
| Affected Systems | Caravan Business Server 2.00/03D |
| Attack Scenarios | An attacker can view files on the system by performing a directory traversal attack using the fname parameter in the Sample_showcode.html script. |
| Ease of Attack | Simple. |
| Corrective Action | Ensure the system is using an up-to-date version of the software and has had all vendor-supplied patches applied. |
| Additional References | |
| Rule References | bugtraq: 9555 |
--
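The rule fires on any access to Sample_showcode.html, so an analyst still has to separate ordinary requests from ones whose fname value tries to leave the web root. The following triage script is an added example, not part of the original rule documentation; the log format (Common Log Format), the sample lines, the addresses and the file names in them are constructed, and case-insensitive path matching is an assumption.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample access-log lines; not taken from a real server.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /Sample_showcode.html?fname=example.html HTTP/1.0" 200 512',
    '192.0.2.11 - - [01/Jan/2024:10:00:05 +0000] "GET /Sample_showcode.html?fname=../../../etc/placeholder HTTP/1.0" 200 1024',
    '192.0.2.12 - - [01/Jan/2024:10:00:09 +0000] "GET /sample_showcode.html?fname=..%255c..%255cplaceholder.ini HTTP/1.0" 200 90',
    '192.0.2.13 - - [01/Jan/2024:10:00:12 +0000] "GET /index.html HTTP/1.0" 200 300',
]

# Captures the client address and the request target from one log line.
REQUEST_RE = re.compile(r'^(\S+) .*?"[A-Z]+ (\S+) HTTP/[\d.]+"')

def fully_decode(value, max_rounds=3):
    # Undo nested percent-encoding (for example %255c, then %5c, then a backslash).
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def is_traversal(fname):
    # Normalise separators, then look for parent-directory segments or absolute paths.
    path = fully_decode(fname).replace("\\", "/")
    return (".." in path.split("/") or path.startswith("/")
            or re.match(r"^[A-Za-z]:", path) is not None)

def classify(line):
    # Returns (source, verdict, fname) for Sample_showcode.html requests, else None.
    m = REQUEST_RE.match(line)
    if not m:
        return None
    src, target = m.groups()
    url = urlsplit(target)
    if not url.path.lower().endswith("/sample_showcode.html"):
        return None
    params = {k.lower(): v for k, v in parse_qs(url.query, keep_blank_values=True).items()}
    fname = params.get("fname", [""])[0]
    return src, ("traversal" if is_traversal(fname) else "access"), fname

def triage(lines):
    return [r for r in map(classify, lines) if r is not None]

if __name__ == "__main__":
    for src, verdict, fname in triage(SAMPLE_LOG):
        print(f"{src:15} {verdict:10} fname={fname!r}")
```

Entries marked `traversal` are the ones to check against the response size and status to judge whether a file was actually returned.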
DID:545427