Bugtraq mailing list archives
HomeSeer Directory Traversal Vulnerability
From: SNS Research <vuln-dev () greyhack com>
Date: Thu, 7 Dec 2000 23:14:02 +0100
Strumpf Noir Society Advisories ! Public release ! <--# -= HomeSeer Directory Traversal Vulnerability =- Release date: Thursday, December 7, 2000 Introduction: HomeSeer is home automation software for Windows 2000, Windows NT, Windows 98, and Windows 95 that uses inexpensive X10 technology to control your lights, appliances, and audio/video equipment. A webserver is build in, allowing you to even remote control your appliances over the Internet. HomeSeer can be found at vendor Keware's website, http://www.keware.com Problem: Adding the string "../" to an URL allows an attacker to files outside of the webserver's publishing directory. This allows read access to any file on the server. Example: http://localhost:80/../../../autoexec.bat reads the file "autoexec.bat" from the partition's root dir. (..) Solution: Vendor has been notified and has acknowledged this problem. It has been fixed in the 1.4.29 (beta-)version of the HomeSeer software which is availble from http://www.keware.com/kewarebeta.htm and will be included in the future 1.5 release. This was tested against HomeSeer 1.4. Older versions can be expected to vulnerable, users are encouraged to upgrade. yadayadayada SNS Research is rfpolicy (http://www.wiretrip.net/rfp/policy.html) compliant, all information is provided on AS IS basis. EOF, but Strumpf Noir Society will return!
Current thread:
- HomeSeer Directory Traversal Vulnerability SNS Research (Dec 08)