Title: Free Peers BearShare Directory Traversal Vulnerability
Severity: MODERATE
Description:
Free Peers Inc. BearShare is a Windows-based file-sharing utility.
Under certain configurations and platforms, versions of BearShare are prone to directory-traversal attacks.
Although the product's website feature filters '/../' sequences (the form most commonly used in traversal attacks), an attacker could construct a path expression that bypasses this input validation.
Because long sequences of '.' characters are not filtered correctly, the attacker can express a relative path that resolves beyond the permitted directory scope.
As a result, BearShare's website feature, if enabled, can permit a remote attacker to traverse the webserver's directory structure and request files from outside the web root.
This vulnerability may be exploitable for a limited set of filetypes. For example, files of type '.avi' and '.mpg' are reportedly not obtainable by this method. Other filetypes may also be secure from this attack; further details were not made available in the original advisory.
Note that this vulnerability does not appear to affect Windows 2000 installations of BearShare.
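The filtering gap described above, shown as an added example that is not BearShare code or part of the original advisory: a check that rejects only '/../' next to a stricter validator that rejects every dot-only path segment and then confirms the result stays under the web root. The function names, the web root path and the sample requests are constructed for illustration.

```python
import posixpath
from urllib.parse import unquote

WEB_ROOT = "/srv/share/www"  # hypothetical web root, constructed for this example


def naive_filter(request_path: str) -> bool:
    """Mimics the check the advisory describes: only '/../' is rejected."""
    return "/../" not in request_path


def strict_resolve(request_path: str, root: str = WEB_ROOT):
    """Return the resolved path under root, or None if the request is rejected."""
    # Decode once, then treat both separators alike (Windows accepts either).
    decoded = unquote(request_path).replace("\\", "/")
    if "\x00" in decoded or "%" in decoded:
        return None  # embedded NUL, or encoding still present after one decode
    segments = [s for s in decoded.split("/") if s != ""]
    for seg in segments:
        # Windows ignores trailing dots and spaces in a name, so compare the
        # trimmed form. A segment that is empty after trimming consists only
        # of dots/spaces: '.', '..', '...', '....' are all rejected.
        if seg.rstrip(". ") == "":
            return None
        if ":" in seg:
            return None  # drive letters and alternate data streams
    candidate = posixpath.normpath(posixpath.join(root, *segments))
    # Containment check as a second layer, independent of the segment rules.
    if candidate != root and not candidate.startswith(root + "/"):
        return None
    return candidate


# Constructed sample requests (not taken from the advisory).
SAMPLES = ["/index.html", "/docs/readme.txt", "/../secret.txt",
           "/.../secret.txt", "/docs/....\\secret.txt", "/%2e%2e%2e/secret.txt"]

if __name__ == "__main__":
    for p in SAMPLES:
        print(f"{p!r:32} naive={naive_filter(p)!s:5} strict={strict_resolve(p)}")
```

The naive check passes every multi-dot sample because none of them contains the literal '/../' string, while the strict validator rejects them before any file lookup happens.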
Affected Products:
- Free Peers BearShare 2.2.0
- Free Peers BearShare 2.2.1
- Free Peers BearShare 2.2.2
References:
- Free Peers: BearShare homepage