nostromo nhttpd Web Server Remote Directory Traversal Vulnerability


Description   A vulnerability has been identified in nostromo nhttpd, which could be exploited by attackers to gain unauthorized access to arbitrary files on a vulnerable system or execute arbitrary code. This issue is caused by an input validation error when processing HTTP requests containing the "..%2f" sequence, which could be exploited to conduct directory traversal attacks and disclose the contents of arbitrary files, or inject and execute arbitrary shell commands.
     
Vulnerable Products   Vulnerable Software:
nostromo nhttpd version 1.9.3 and prior
     
Solution   Upgrade to nostromo nhttpd version 1.9.4: http://www.nazgul.ch/dev_nostromo.html
     
CVE   CVE-2011-0751
     
References   http://www.nazgul.ch/dev_nostromo.html
http://seclists.org/bugtraq/2011/Mar/151
     
Vulnerability Manager Detection   Yes (since ASQ v4.0.0)
     
IPS Protection  
ASQ Engine alarm Available Since
Misc : Directory traversal - parameter starting with ../
3.2.0
Directory traversal using ..\..
3.2.0
Directory traversal
3.2.0
Directory traversal backward root folder
3.2.0
     


 
 
 
 
 Risk level 
High 

 Vulnerability First Public Report Date 
2011-03-16 

 Target Type 
Server 

 Possible exploit 
Local & Remote