Title: Savant Webserver File Disclosure Vulnerability
Severity: HIGH
Description:
Savant webserver is a free webserver that runs on Windows platforms.
By adding an encoded space (%20) or period (%2e) at the end of a filename request, it is possible for an attacker to view user folders, which would otherwise be password protected.
Using this method it is also possible to bypass network class access limitations set by an administrator, allowing users outside of the specified class to gain unauthorized access to folders.
As an example, if an administrator restricted access to certain folders to network class D, it would be possible for unauthorized users to bypass this restriction.
It should be noted that when using space to exploit this issue, a forward slash (/) must also be appended to the request.
It should also be noted that versions below 3.1 may also be vulnerable to this issue.
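Added example (not part of this advisory and not Savant's code): a Python illustration of the access-control mistake described above and of the check that closes it. The ACL keyed on top-level folder names and the request paths are constructed for the example; the Windows behaviour it relies on is that trailing spaces and periods in a path component are ignored by the file system and that name lookups are case-insensitive. The hardened check canonicalizes the request the same way the file system will before consulting the ACL, and a small detection helper flags requests whose decoded segments carry trailing junk so they can be logged.

```python
from urllib.parse import unquote

# Constructed sample ACL: top-level folders that require authentication.
# Hypothetical names, not taken from any Savant configuration.
PROTECTED_FOLDERS = {"private", "admin"}


def naive_is_protected(raw_path):
    """Vulnerable pattern: compare the raw request path against the ACL.

    A trailing encoded space (%20) or period (%2e) changes the raw text
    of the segment, so the ACL lookup misses even though the Windows
    file system resolves 'private ' and 'private.' to the same folder.
    """
    segments = [s for s in raw_path.split("/") if s]
    return bool(segments) and segments[0] in PROTECTED_FOLDERS


def canonicalize(raw_path):
    """Return the path as the Windows file system would resolve it.

    Steps: percent-decode, drop empty and '.' segments, resolve '..',
    strip trailing spaces and periods from every segment (Win32 path
    normalization discards them), and lower-case (NTFS lookups are
    case-insensitive by default).
    """
    decoded = unquote(raw_path)
    segments = []
    for seg in decoded.split("/"):
        if seg == "..":
            if segments:
                segments.pop()
            continue
        seg = seg.rstrip(" .").lower()
        if seg:  # drops '', '.' and segments that were only dots/spaces
            segments.append(seg)
    return "/" + "/".join(segments)


def hardened_is_protected(raw_path):
    """Apply the ACL to the canonical path, never to the raw request."""
    segments = canonicalize(raw_path).split("/")[1:]
    return bool(segments) and segments[0] in PROTECTED_FOLDERS


def segments_with_trailing_junk(raw_path):
    """Detection aid: decoded segments whose trailing spaces or periods
    the file system would silently drop. A non-empty result is worth
    logging, since well-formed clients do not request such names."""
    found = []
    for seg in unquote(raw_path).split("/"):
        if seg not in ("", ".", "..") and seg != seg.rstrip(" ."):
            found.append(seg)
    return found


if __name__ == "__main__":
    # Constructed requests: the plain folder and the two encoded variants.
    for req in ("/private/", "/private%20/", "/private%2e"):
        print(req, "naive:", naive_is_protected(req),
              "hardened:", hardened_is_protected(req),
              "flagged:", segments_with_trailing_junk(req))
```

The point of the design is that the ACL and the file system must agree on what a name means; decoding and normalizing once, in one place, before any authorization decision removes the gap that the trailing space or period exploits.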
Affected Products:
- Savant Savant Webserver 3.1.0
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.