----------------------------------------------------------------------
Are you interested in a new job in IT security? Secunia has two open positions for a Junior and a Senior IT Security Specialist:
http://secunia.com/secunia_vacancies/
----------------------------------------------------------------------

TITLE:
EMC Navisphere Manager Directory Traversal and Directory Listing

SECUNIA ADVISORY ID:
SA16344

VERIFY ADVISORY:
http://secunia.com/advisories/16344/

CRITICAL:
Moderately critical

IMPACT:
Exposure of system information, Exposure of sensitive information

WHERE:
From local network

SOFTWARE:
EMC Navisphere Manager 6.x
http://secunia.com/product/5500/

DESCRIPTION:
Two vulnerabilities have been reported in EMC Navisphere Manager, which can be exploited by malicious people to gain knowledge of sensitive information.

1) HTTP requests are not properly validated, which can be exploited to access arbitrary files outside the web root via directory traversal attacks.

Example:
http://[host]/../../../[file]

This can e.g. be exploited to disclose the contents of the navimon.log log file, which may contain the Clarion Administrator password in plaintext.

2) It is possible to list the contents of a directory by appending a "." at the end of the request.

Example:
http://[host]/.

The vulnerabilities reportedly affect versions 6.6, 6.5, and 6.4 prior to versions 6.6.0.5.0, 6.5.4.0.0, and 6.4.8.0.0.

SOLUTION:
Update to version 6.6.0.5.0, 6.5.4.0.0, or 6.4.8.0.0.

Reportedly, later revisions bundled with the FLARE Operating Environment already contain the fix, starting with FLARE 14 (rev 02.07) released in June 2004.

PROVIDED AND/OR DISCOVERED BY:
Discovered by an anonymous person and reported via iDEFENSE.
ORIGINAL ADVISORY:
iDEFENSE:
http://www.idefense.com/application/poi/display?id=288&type=vulnerabilities

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help everybody keep their systems up to date against the latest vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use those supplied by the vendor.

----------------------------------------------------------------------
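A defender-side check for the two request patterns the advisory describes (a traversal that escapes the web root, and a trailing "." that triggers a directory listing), as an added Python example that is not part of the Secunia or iDEFENSE advisory. The web root path and the access-log lines are constructed assumptions, not Navisphere Manager's own; the same canonicalise-then-contain check is what a web front end should apply before opening any file.

```python
import posixpath
import re
from urllib.parse import unquote

WEB_ROOT = "/opt/navisphere/webroot"  # hypothetical web root, not the product's real path
_REQ = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def classify_request(request_path, web_root=WEB_ROOT):
    """Return (resolved_path, None) for a safe request, or (None, reason)
    for the two patterns in SA16344: a trailing "." directory listing and
    a traversal whose canonical path lies outside the web root."""
    # Drop the query string and decode percent-encoding until stable, so
    # "%2e%2e/" and double-encoded "%252e%252e/" are normalised too.
    decoded = request_path.split("?", 1)[0]
    for _ in range(3):
        again = unquote(decoded)
        if again == decoded:
            break
        decoded = again
    if decoded.split("/")[-1] == ".":
        return None, "directory-listing (trailing '.')"
    # Canonicalise under the web root and require the result to stay inside it;
    # this is the check the vulnerable server skipped.
    candidate = posixpath.normpath(posixpath.join(web_root, decoded.lstrip("/")))
    if candidate != web_root and not candidate.startswith(web_root + "/"):
        return None, "directory-traversal (escapes web root)"
    return candidate, None

def flag_requests(log_lines):
    """Scan common-log-format lines and return (client, path, reason)
    for every request that matches either pattern."""
    hits = []
    for line in log_lines:
        m = _REQ.match(line)
        if not m:
            continue
        client, path = m.groups()
        _, reason = classify_request(path)
        if reason:
            hits.append((client, path, reason))
    return hits

# Constructed sample log lines (not real Navisphere Manager output).
SAMPLE_LOG = [
    '10.0.0.5 - - [05/Aug/2005:10:00:01 +0000] "GET /index.html HTTP/1.0" 200 512',
    '10.0.0.9 - - [05/Aug/2005:10:00:02 +0000] "GET /../../../navimon.log HTTP/1.0" 200 4096',
    '10.0.0.9 - - [05/Aug/2005:10:00:03 +0000] "GET /%2e%2e/%2e%2e/navimon.log HTTP/1.0" 200 4096',
    '10.0.0.9 - - [05/Aug/2005:10:00:04 +0000] "GET /. HTTP/1.0" 200 2048',
    '10.0.0.5 - - [05/Aug/2005:10:00:05 +0000] "GET /images/logo.gif HTTP/1.0" 200 128',
]
```

Running `flag_requests(SAMPLE_LOG)` flags the three requests from 10.0.0.9 and passes the two ordinary file requests.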