SecurityTracker.com

SecurityTracker
Archives
Category:  Application (Web Server/CGI) > WebTide
Vendors:  Infron Technologies
InfronTech WebTide Server Discloses Files and Directories to Remote Users
SecurityTracker Alert ID:  1008016
SecurityTracker URL:  http://securitytracker.com/id/1008016
CVE Reference:  CVE-2003-1152
Updated:  May 19 2008
Original Entry Date:  Oct 28 2003
Impact:  Disclosure of system information, Disclosure of user information
Fix Available:  Yes
Vendor Confirmed:  Yes
Exploit Included:  Yes
Version(s):  7.04 and prior versions
Description:  STG Security reported a vulnerability in the InfronTech WebTide J2EE web application server. A remote user can view files and directories on the server.

The flaw is triggered by appending the string '%3f.jsp' to the path of an ordinary request. '%3f' is the URL-encoded form of '?', so the suffix is an encoded query separator followed by the JSP extension. WebTide does not validate the encoded separator correctly and returns the listing or contents of the directory or file named in front of it, rather than handling the path as intended.

Jeremy Bae at STG Security is credited with discovering the flaw.

The following notification timeline is provided:

2003-10-13 Infrontech notified.
2003-10-15 Second attempt to contact the vendor.
2003-10-15 Vendor replied their new versions are not vulnerable.
2003-10-15 SSR Team tested and confirmed.
2003-10-23 Third attempt to contact the vendor.
2003-10-25 Public disclosure.

Impact:   A remote user can view directory and file contents.
Solution:   The vendor has released a fixed version (7.05).
Vendor URL:  www.infrontech.com/english/e-product_webtide.jsp
Cause:   Input validation error
Underlying OS:  Linux (Any), UNIX (AIX), UNIX (HP/UX), UNIX (Open UNIX-SCO), UNIX (Solaris - SunOS), Windows (NT), Windows (2000)

Message History:   None.


Source Message Contents

Subject:  STG Security Advisory: [SSA-20031025-05] InfronTech WebTide 7.04


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

STG Security Advisory: [SSA-20031025-05] InfronTech WebTide 7.04 Directory
and File Disclosure Vulnerability

Revision 1.0
Date Published: 2003-10-25 (KST)
Last Update: 2003-10-25
Disclosed by SSR Team (advisory@stgsecurity.com)

Abstract
========
InfronTech's J2EE Web Application Server, WebTide, is a localized product of
PowerTier 7.0 developed by Persistence Software. WebTide has a
vulnerability disclosing directories and files on a web server through a
request.

Vulnerability Class
===================
Implementation Error: Inappropriate Implementation

Details
=======
Being implemented inappropriately, WebTide has a vulnerability
disclosing directories and files on a web server through a %3f.jsp request.

This vulnerability revives the following reports of the same vulnerability in
other JSP engines, without distinction:

http://lists.insecure.org/lists/vuln-dev/2001/Nov/0339.html
http://www.securityfocus.com/advisories/3689


Impact
======
Directory and file disclosure

Solution
========
Upgrade to WebTide 7.05 or higher versions

Vulnerable Products
===================
WebTide 7.04 and prior

Vendor Status: Notified
=======================
2003-10-13 Infrontech notified.
2003-10-15 Second attempt to contact the vendor.
2003-10-15 Vendor replied their new versions are not vulnerable.
2003-10-15 SSR Team tested and confirmed.
2003-10-23 Third attempt to contact the vendor.
2003-10-25 Public disclosure.

Credits
=======
Jeremy Bae at STG Security

About STG Security
==================
STG Security Inc. is an affiliated company of STG Group, which has its head
office in the States and was founded in March 2000. Its core business areas are
professional penetration testing, security code review and BS7799 consulting
services.

http://www.stgsecurity.com/

Phone +82-2-6333-4500
FAX +82-2-6333-4545


-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

iQA/AwUBP54PxT9dVHd/hpsuEQIuQwCcC7uKt7+T50MjPATTaopGwZxpWxoAnRF/
idN8aRqYT1gIWcmWYN6XtguN
=WE+k
-----END PGP SIGNATURE-----
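The '%3f.jsp' suffix described in the Description above and in the Details section of the STG advisory is easy both to probe for and to spot in access logs. The Python below is an added example written for this page; it is not code from STG Security, InfronTech or SecurityTracker, and only the suffix itself is taken from the advisory. It builds the probe URL, judges a probe response with heuristic markers (the directory-listing and JSP-source markers are assumptions about what a leaked listing or unexecuted JSP looks like), flags the suffix in constructed Common Log Format lines, and shows the generic decode-then-validate check a server should apply before routing a request. Host names, paths and log lines are constructed; the bounded repeated decoding, which also catches the double-encoded '%253f', goes beyond the single encoding the advisory mentions.

```python
"""Probe, classify and detect the '%3f.jsp' path-suffix disclosure.

Added example for this page, not code from STG Security, InfronTech or
SecurityTracker. Only the suffix ('%3f' is the URL-encoded '?', followed
by '.jsp') comes from the advisory; hosts, paths, response markers and
log lines are constructed for the demonstration.
"""
import re
from urllib.parse import quote, unquote, urlsplit

SUFFIX = "%3f.jsp"  # URL-encoded '?' followed by '.jsp', as in the advisory

# Heuristic markers (assumptions): a directory listing page, and a JSP
# directive/scriptlet opener that should never reach the client.
DIR_LISTING = re.compile(r"(?i)index of|directory listing|parent directory")
JSP_SOURCE = re.compile(r"<%[@=!]?\s")

# Common Log Format: ip ident user [time] "method target proto" status size
CLF = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) (\S+)$')


def probe_url(base_url: str, target_path: str) -> str:
    """URL that appends the advisory's suffix to a directory or file path."""
    return base_url.rstrip("/") + quote(target_path) + SUFFIX


def classify_probe(target_path: str, baseline_status: int,
                   probe_status: int, probe_body: str):
    """Judge the suffixed response against the plain request's status.

    Returns a short reason when the response looks like a disclosure,
    otherwise None. The markers are heuristics, not the vendor's logic.
    """
    if probe_status != 200:
        return None
    if target_path.endswith("/") and DIR_LISTING.search(probe_body):
        return "directory listing returned"
    if target_path.lower().endswith(".jsp") and JSP_SOURCE.search(probe_body):
        return "JSP source returned unexecuted"
    if baseline_status in (401, 403, 404):
        return "protected path became readable"
    return None


def decoded_path(target: str, max_passes: int = 3) -> str:
    """Percent-decode the path component until it stops changing.

    One pass turns '%3f' into '?'; the bounded loop also collapses the
    double-encoded '%253f' (a generalization beyond the advisory).
    """
    path = urlsplit(target).path  # splits only on a literal '?'
    for _ in range(max_passes):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path


def is_suffix_probe(target: str) -> bool:
    """True when a decoded '?' sits directly before '.jsp' inside the path."""
    return "?.jsp" in decoded_path(target).lower()


def scan_access_log(lines):
    """Return (client, target) pairs for requests carrying the suffix."""
    hits = []
    for line in lines:
        m = CLF.match(line)
        if m and is_suffix_probe(m.group(4)):
            hits.append((m.group(1), m.group(4)))
    return hits


def reject_request_path(target: str) -> bool:
    """Server-side hardening: decode first, then refuse a path that still
    holds a reserved '?' or '#' (or a NUL). Generic check, not the 7.05 fix."""
    return any(c in decoded_path(target) for c in "?#\x00")


# Constructed log lines (not from a real server), including one legitimate
# query-string request that must not be flagged.
SAMPLE_LOG = [
    '203.0.113.7 - - [25/Oct/2003:10:15:02 +0900] "GET /index.jsp HTTP/1.0" 200 5120',
    '203.0.113.7 - - [25/Oct/2003:10:15:09 +0900] "GET /index.jsp%3f.jsp HTTP/1.0" 200 3044',
    '203.0.113.7 - - [25/Oct/2003:10:15:14 +0900] "GET /WEB-INF/%3F.jsp HTTP/1.0" 200 812',
    '198.51.100.4 - - [25/Oct/2003:10:16:30 +0900] "GET /search.jsp?q=.jsp HTTP/1.0" 200 2210',
    '203.0.113.7 - - [25/Oct/2003:10:17:01 +0900] "GET /admin/%253f.jsp HTTP/1.0" 200 640',
]

if __name__ == "__main__":
    print(probe_url("http://webtide.example.test", "/WEB-INF/"))
    for client, target in scan_access_log(SAMPLE_LOG):
        print(f"suffix probe from {client}: {target}")
```

Run directly, the script prints the probe URL and the three flagged log entries; the plain query-string request is left alone because urlsplit() only splits on a literal '?'. Against a live system you would pair probe_url() with an HTTP client and pass the status and body of the suffixed request, together with the status of the plain request, to classify_probe(). The reject_request_path() check is the shape of the server-side fix for this class of bug: normalize and decode the path once, before any handler is chosen by extension, and refuse anything that still carries a reserved character.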






Copyright 2019, SecurityGlobal.net LLC