|Title:||Visual Synapse HTTP Server Directory Traversal Vulnerability|
|Summary:||This host is running Visual Synapse HTTP Server and is prone to;directory traversal vulnerability.|
This host is running Visual Synapse HTTP Server and is prone to
directory traversal vulnerability.
An input validation error is present in the server which fails
to validate user supplied request URI containing 'dot dot' sequences (/..\).
Successful exploitation will allow attacker to launch directory
traversal attack and gain sensitive information about the remote system's
Impact Level: Application
Visual Synapse HTTP Server 1.0 RC3, 1.0 RC2, 1.0 RC1 and 0.60
No solution or patch was made available for at least one year
since disclosure of this vulnerability. Likely none will be provided anymore.
General solution options are to upgrade to a newer release, disable respective
features, remove the product or replace the product by another one.
BugTraq ID: 43830|
Common Vulnerability Exposure (CVE) ID: CVE-2010-3743
Bugtraq: 20101007 Syhunt Advisory: Visual Synapse HTTP Server Directory Traversal Vulnerability (Google Search)
|Copyright||Copyright (c) 2010 Greenbone Networks GmbH|
|This is only one of 69903 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.