30 lines
No EOL
1 KiB
Text
30 lines
No EOL
1 KiB
Text
Google Dork: ie: intitle:ManageEngine ServiceDesk Plus"
|
||
Author: Keith Lee (keith.lee2012@gmail.com), @keith55,
|
||
http://milo2012.wordpress.com
|
||
Software Link: http://www.manageengine.com/products/service-desk/91677414/ManageEngine_ServiceDesk_Plus.exe
|
||
Version: 8.0
|
||
|
||
Description:
|
||
|
||
Directory traversal vulnerabilities has been found in ManageEngine
|
||
ServiceDesk Plus 8.0 a web
|
||
based helpdesk system written in Java.
|
||
|
||
The vulnerability can be exploited to access local files by entering
|
||
special characters in variables used to create file paths. The attackers
|
||
use <20>../<2F> sequences to move up to root directory, thus permitting
|
||
navigation through the file system.
|
||
|
||
Request:
|
||
GET http://[webserver
|
||
IP]:8080/workorder/FileDownload.jsp?module=agent&&FILENAME=%20..\..\..\..\..\..\..\..\..\windows\repair\SAM
|
||
|
||
The issue is fixed with Service Pack Build 8012 found in the below link.
|
||
http://www.manageengine.com/products/service-desk/91677414/ManageEngine_ServiceDesk_Plus_8_0_0_SP-0_12_0.ppm
|
||
|
||
|
||
--
|
||
Keith
|
||
|
||
Blog: http://www.milo2012.wordpress.com
|
||
Twitter: @keith55 |