RE: directory traversal vulnerability

From: Arian J. Evans (arian.evans@anachronic.com)
Date: Thu Mar 13 2008 - 11:55:46 EST

• Next message: Robin Wood: "Re: Program to populate forms"
• Previous message: LordDoskias: "Re: anonymous Zonetransfer (AXFR) exploatation"
• In reply to: Lee Lawson: "Re: directory traversal vulnerability"
• Next in thread: Paul Melson: "RE: directory traversal vulnerability"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Dave -- you should post the VB script error for the list
or this question makes no sense. That error is the key,
as I told you over on the webappsec list.

You might have better luck on an ASP Classic developer's list.

Folks on this list may not be familiar with that VB/ASP error.

I've been testing ASP apps for close to ten years, hence
my confidence in my previous answer.

It's a type mismatch -- which is fundamental and common
to VB ASP apps.

That's a standard old ASP classic error. Including
the path is default behavior and has nothing to do
with a dir trav, though I also included dir trav
instructions for Windows in my last email that you
can feel free to try.

Stop using that little python wapati webapp scanner
and start learning to manually test applications.
I recommend starting by learning to read the source
code. VB ASP is very easy.

-ae

On 9 Mar 2008 03:02:26 -0000, <davemitch@mailinator.com> wrote:
> hi List,
>
>
>
> how does one exploit directory traversal vulnearbility ?
>
>
>
> does this error message indicate such a vulnerability ?
>
> -----------------------------------------------
>
>
>
>
>
> E:\INETPUB\VHOSTS\****.***.***\HTTPDOCS\WEBROOT\PA
GES\../includes/toplinks-archive-courses-spas.asp, line 1
>
> ________________________________________________
>
>
>
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE today!
>
> http://www.cenzic.com/downloads
> ------------------------------------------------------------------------
>
>

--
Arian Evans
software security stuff
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------

• Next message: Robin Wood: "Re: Program to populate forms"
• Previous message: LordDoskias: "Re: anonymous Zonetransfer (AXFR) exploatation"
• In reply to: Lee Lawson: "Re: directory traversal vulnerability"
• Next in thread: Paul Melson: "RE: directory traversal vulnerability"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:27 EDT