CVE-2004-2565

Sambar Server 6.1 Beta 2 - Path Traversal

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-2565. PoCs published by Oliver Karow.

AI-analyzed exploit summary: The provided text describes a directory traversal vulnerability in Sambar Server 6.1 Beta 2, allowing access to sensitive files like boot.ini via a crafted URL. It notes that administrative privileges are required, but the default configuration may lack a password.

Description

Multiple directory traversal vulnerabilities in Sambar Server 6.1 Beta 2 on Windows, and possibly other versions on Linux, when the administrative IP address restrictions have been modified from the default, allow remote authenticated users to read arbitrary files via (1) a "..\" (dot dot backslash) in the file parameter to showini.asp, or (2) an absolute path with drive letter in the log parameter to showlog.asp.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Oliver Karow · text · remote · windows
https://www.exploit-db.com/exploits/24163

Classification: Writeup 90%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Theoretical
Target: Sambar Server 6.1 Beta 2
Auth required
Prerequisites: Administrative access to the server · Default or weak administrative credentials
devstral-2 · analyzed Feb 16, 2026

References (6)

Core References
Exploit, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/11748
Exploit vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1010353
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/10444
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/16287
Exploit vdb-entry x_refsource_osvdb
http://www.osvdb.org/6585

Scores

EPSS 0.0937
EPSS Percentile 94.8%

Details

Status published
Products (1)
sambar/sambar_server 6.1 beta2
Published Dec 31, 2004
Tracked Since Feb 18, 2026