Title: Sambar Server pagecount File Overwrite Vulnerability
Severity: MODERATE
Description:
Sambar Server is a multi-threaded HTTP server for Microsoft Windows and Unix systems.
Sambar WWW Server is bundled with a sample script ('pagecount') that creates temporary files on the host. A remote attacker can craft a web request that causes pagecount to overwrite existing files.
When invoked, pagecount creates temporary files in 'c:\sambardirectory\tmp'. The name of each temporary file is whatever value is passed to the '?page=' argument of the web request. Because '../' sequences in that value are not rejected, the request can escape this directory and create or overwrite arbitrary files.
Files attacked in this manner will be corrupted.
Loss of critical data and a denial of service may occur if system files are overwritten.
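A log-review check for the behaviour described above, added here as an example (it is not Sambar or Juniper code): it resolves each '?page=' value against the temporary directory using Windows path rules and flags requests whose result lands outside it, which also catches percent-encoded and backslash variants. The log format, the '/sample/' URL prefix, the sample lines and all function names are assumptions made for the example.

```python
import ntpath
import re
from urllib.parse import urlsplit, parse_qs, unquote

TMP_DIR = r"c:\sambardirectory\tmp"  # temp directory named in the advisory
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def fully_decode(value, max_rounds=3):
    """Undo repeated percent-encoding (%252e -> %2e -> '.'); conservative on purpose."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def escapes_tmp(page):
    """True if TMP_DIR joined with `page` resolves outside TMP_DIR."""
    base = ntpath.normcase(ntpath.normpath(TMP_DIR))
    # ntpath applies Windows semantics on any OS: '/' and '\' both separate,
    # '..' is collapsed, and an absolute or other-drive value replaces the base.
    target = ntpath.normcase(ntpath.normpath(ntpath.join(base, fully_decode(page))))
    return target != base and not target.startswith(base + "\\")

def suspicious_requests(log_lines):
    """Return (log line, page value) for pagecount requests that leave TMP_DIR."""
    hits = []
    for line in log_lines:
        m = REQUEST_RE.search(line)
        if not m:
            continue
        url = urlsplit(m.group(1))
        if not url.path.lower().endswith("/pagecount"):
            continue
        for page in parse_qs(url.query, keep_blank_values=True).get("page", []):
            if escapes_tmp(page):
                hits.append((line, page))
    return hits

SAMPLE_LOG = [  # constructed access-log lines; '/sample/' is a placeholder prefix
    '192.0.2.10 - - [01/Jan/2001:10:00:00 +0000] "GET /sample/pagecount?page=index.html HTTP/1.0" 200 120',
    '192.0.2.44 - - [01/Jan/2001:10:00:05 +0000] "GET /sample/pagecount?page=../../elsewhere/file.dat HTTP/1.0" 200 120',
    '192.0.2.44 - - [01/Jan/2001:10:00:09 +0000] "GET /sample/pagecount?page=%252e%252e%255c..%5cdata.txt HTTP/1.0" 200 120',
    '192.0.2.10 - - [01/Jan/2001:10:00:12 +0000] "GET /sample/pagecount?page=docs/../index.html HTTP/1.0" 200 120',
]

if __name__ == "__main__":
    for line, page in suspicious_requests(SAMPLE_LOG):
        print("page value leaves tmp dir:", repr(page), "|", line)
```

Resolving the path instead of searching for the literal string '../' avoids flagging values such as 'docs/../index.html', which stay inside the temporary directory.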
Affected Products:
- Sambar Server 4.4.0 production
- Sambar Server 5.0.0 beta1
- Sambar Server 5.0.0 beta2
- Sambar Server 5.0.0 beta3
- Sambar Server 5.0.0 beta4