Alibaba File Access Vulnerability

Alibaba is a free web server for Windows 95/98 and Windows NT. A vulnerability in the web server allows remote users to retrieve any file on the same drive as the web root directory, provided they know the file's name.

The Alibaba web server does not check whether a requested path contains "..", and therefore never determines whether the path resolves outside the web root; each ".." segment simply steps one directory up from the root. A client who knows the name of an existing file on the same drive and can guess where the web root is installed can retrieve that file. The default web root location is "c:\alibaba\HtmlDocs\".
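The following Python is added here as an illustration; it is not code from Alibaba or from SecurityFocus. It contrasts the unchecked path mapping the advisory describes with a hardened version that decodes, normalises and then confirms the result is still under the web root, and it runs the hardened check over a few constructed log lines to pick out traversal requests. The web root is the advisory's default; the file names, client addresses and log lines are assumptions. It uses ntpath so the Windows path semantics are reproduced on any platform.

```python
"""Added example (not Alibaba's code): naive vs. hardened mapping of a
request path onto a Windows web root, plus a log check built on the
hardened mapper. Uses ntpath so it behaves the same on any OS."""
import ntpath
import re
from urllib.parse import unquote

# Default web root named in the advisory.
WEBROOT = r"c:\alibaba\HtmlDocs"


def map_naive(webroot, url_path):
    """Model of the vulnerable behaviour: percent-decode the URL path,
    append it to the root and hand the string to the filesystem. Returns
    the path the OS would actually open, so '..' segments take effect."""
    decoded = unquote(url_path).replace("/", "\\")
    return ntpath.normpath(webroot + decoded)


def map_hardened(webroot, url_path):
    """Decode first (so %2e%2e and %5c cannot hide a traversal), then
    normalise, then refuse anything whose resolved path is not inside
    the web root. Raises PermissionError on an escape attempt."""
    decoded = unquote(url_path).replace("/", "\\")
    root = ntpath.normcase(ntpath.normpath(webroot))
    full = ntpath.normcase(ntpath.normpath(ntpath.join(root, decoded.lstrip("\\"))))
    if ntpath.commonpath([root, full]) != root:
        raise PermissionError(f"path escapes web root: {url_path}")
    return full


def escapes_root(webroot, url_path):
    """True when the request would be served from outside the web root."""
    try:
        map_hardened(webroot, url_path)
    except PermissionError:
        return True
    return False


# Constructed access-log lines (Common Log Format); not real Alibaba logs.
SAMPLE_LOG = [
    '10.0.0.5 - - [01/Jan/2000:10:00:00] "GET /index.html HTTP/1.0" 200 512',
    '10.0.0.9 - - [01/Jan/2000:10:00:01] "GET /../../boot.ini HTTP/1.0" 200 311',
    '10.0.0.9 - - [01/Jan/2000:10:00:02] "GET /%2e%2e/%2e%2e/autoexec.bat HTTP/1.0" 200 80',
    '10.0.0.5 - - [01/Jan/2000:10:00:03] "GET /docs/../index.html HTTP/1.0" 200 512',
]

REQUEST_RE = re.compile(r'"(?:GET|HEAD|POST) (\S+) HTTP/')


def flag_traversal(log_lines, webroot=WEBROOT):
    """Return the request paths that resolve outside the web root. A path
    like /docs/../index.html stays inside the root and is not flagged,
    which a plain substring search for '..' would get wrong."""
    flagged = []
    for line in log_lines:
        match = REQUEST_RE.search(line)
        if match and escapes_root(webroot, match.group(1)):
            flagged.append(match.group(1))
    return flagged


if __name__ == "__main__":
    print("naive:   ", map_naive(WEBROOT, "/../../boot.ini"))
    print("hardened:", map_hardened(WEBROOT, "/docs/../index.html"))
    print("flagged: ", flag_traversal(SAMPLE_LOG))
```

Decoding before normalising matters: a server that normalises the raw URL and decodes afterwards still lets "%2e%2e" through. The containment test compares the normalised, case-folded result against the root rather than searching for ".." in the input, which is why the legitimate "/docs/../index.html" request passes.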

Copyright 2010, SecurityFocus