漏洞类别:Web server漏洞等级: 
漏洞信息
The Viking Server is a freely available software package maintained and distributed by Robtex. The Viking Server provides multiple protocol service on Windows 95, Windows 98, and Windows NT systems.
A problem occurs in the validation of input by external users. Upon receiving a request for a relative path, the HTTPd server does not adequately check input, and instead grants access to the requesting user. A request for the relative path would allow the user to view the contents of the root directory of the filesystem the Web server is operating on. For example, if the server was installed on the D:\ drive, and a user requested a path of "\...", then the user would be able to leave the Web root directory, and gain access to the D:\ drive.
漏洞危害
This vulnerability makes it possible for remote users to gain access to privileged information, and potentially gain local access to systems using the affected software.
解决方案
Download and install the latest version of Viking Server. You can download the latest version from the following link:
http://www.robtex.com/viking.html
0day
文章评论