10 lines
No EOL
625 B
Text
10 lines
No EOL
625 B
Text
source: https://www.securityfocus.com/bid/3028/info
|
|
|
|
Interactive Story is a web-based application written in Perl and is distributed as freeware.
|
|
|
|
Interactive Story does not filter '../' sequences from user input submitted to a hidden file called 'next'. Remote attackers may take advantage of this by crafting URLs that allow them to break out of webroot and view arbitrary web-readable files.
|
|
|
|
The disclosed information may be used in further attacks on the host.
|
|
|
|
If an attacker sets the "next" field to something like
|
|
../../../../../../../../../../etc/passwd%00, Interactive Story will open and display the password file. |