Skip to content
cyberexploits
remotewindowstext

Adobe JRun 4 - (logfile) Authenticated Directory Traversal

Adobe JRun 4 - (logfile) Authenticated Directory Traversal

Published on 2009-08-18

Source code

Pinned to commit 7eac4c3a2ce5
textplatforms/windows/remote/9443.txt7eac4c3a
raw
Digital Security Research Group [DSecRG] Advisory	#DSECRG-09-052





Application:                Adobe JRun Application Server

Versions Affected:          4 updater 7

Vendor URL:                 http://www.adobe.com/products/jrun/

Bug:                        Directory Traversal File Read

Exploits:                   YES

Reported:                   20.01.2009

Vendor response:            21.01.2009

Solution:                   YES   

Date of Public Advisory:    17.08.2009

CVE-number:                 CVE-2009-1873

Author:                     Digital Security Research Group [DSecRG] (research [at] dsec [dot] ru)







Description

***********



JRun Management Console Directory Traversal vulnerability.





Details

*******





Directory Traversal vulnerability found in script logviewer.jsp



Using Management Console authenticated attacker can read any file on server.



Also attacker can exploit this issue using XSS (http://www.dsecrg.com/pages/vul/show.php?id=152)





Example:



http://[server]/server/[profile]/logging/logviewer.jsp?logfile=../../../../../../../boot.ini









Fix Information

***************

The issue has been solved 17 august 2009.  http://www.adobe.com/go/apsb09-12





References:

***********



http://www.adobe.com/go/apsb09-12

http://www.dsecrg.com/pages/vul/show.php?id=152





About

*****





Digital Security one of the leading IT security companies in CEMEA, providing information security consulting, audit and penetration testing services, risk analysis and ISMS-related services and certification for ISO/IEC 27001:2005 and PCI DSS standards. Digital Security Research Group focuses on web application and database security problems with vulnerability reports, advisories and whitepapers posted regularly on our website.





Contact:	research [at] dsecrg [dot] com

		http://www.dsecrg.com 



# milw0rm.com [2009-08-18]

View on GitHub