|Title:||Visual Synapse HTTP Server Directory Traversal Vulnerability|
|Summary:||This host is running Visual Synapse HTTP Server and is prone to; directory traversal vulnerability.|
This host is running Visual Synapse HTTP Server and is prone to
directory traversal vulnerability.
An input validation error is present in the server which fails
to validate user supplied request URI containing 'dot dot' sequences (/..\).
Successful exploitation will allow attacker to launch directory
traversal attack and gain sensitive information about the remote system's directory contents.
Visual Synapse HTTP Server 1.0 RC3, 1.0 RC2, 1.0 RC1 and 0.60
No known solution was made available for at least one year since the disclosure
of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer
release, disable respective features, remove the product or replace the product by another one.
BugTraq ID: 43830|
Common Vulnerability Exposure (CVE) ID: CVE-2010-3743
Bugtraq: 20101007 Syhunt Advisory: Visual Synapse HTTP Server Directory Traversal Vulnerability (Google Search)
|Copyright||Copyright (c) 2010 Greenbone Networks GmbH|
|This is only one of 71685 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.