TeamTrack HTTP server allows browsing the file system outside the server root directory
| http-teamtrack-file-read (3281) |  Medium Risk |
Description:
A vulnerability in the HTTP server supplied with TeamShare's TeamTrack problem-tracking could allow a remote attacker to traverse directories on the Web server. A remote attacker could send a specially-crafted GET request containing "dot dot" sequences (/../) to traverse directories and read files outside the Web server's document root.
Platforms Affected:
- Microsoft, Windows 2000
- Microsoft, Windows 2003 Server
- Microsoft, Windows NT 4.0
- TeamShare, TeamTrack Server 3.00
Remedy:
TeamShare recommends users use a third party Web server like Microsoft's IIS or Netscape Enterprise Server. This issue has been resolved in TeamTrack 4.0, which is expected to be delivered in early 2000.
Consequences:
File Manipulation
References:
- BugTraq Mailing List, Sat, 2 Oct 1999 05:14:32 -0500, RFP9904: TeamTrack webserver vulnerability at http://archives.neohapsis.com/archives/bugtraq/1999-q3/1154.html.
- BID-689: TeamShare TeamTrack Directory Traversal Vulnerability
- CVE-1999-0933: TeamTrack web server allows remote attackers to read arbitrary files via a .. (dot dot) attack.
- OSVDB ID: 1096: TeamShare TeamTrack Arbitrary File Access
Reported:
Oct 02, 1999
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net