CodeMeter < 4.30.498.504 Virtual Directory Traversal Arbitrary File Access

medium Nessus Plugin ID 57800

Synopsis

A web application running on the remote host is affected by a directory traversal vulnerability.

Description

According to its self-reported version, the CodeMeter WebAdmin server running on the remote host is prior to 4.30d (4.30.498.504). It is, therefore, affected by a directory traversal vulnerability due to a failure to properly sanitize HTTP requests for files in virtual directories. An unauthenticated, remote attacker can exploit this issue to retrieve the contents of arbitrary files on the remote host, provided the target file is among a list of allowed extensions (for example, 'txt', 'htm', 'html', 'images', etc.).

Note that Nessus has not attempted to exploit this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to CodeMeter 4.30d (4.30.498.504) or later.

See Also

http://aluigi.altervista.org/adv/codemeter_1-adv.txt

Plugin Details

Severity: Medium

ID: 57800

File Name: codemeter_webadmin_4_30d.nasl

Version: 1.8

Type: remote

Family: CGI abuses

Published: 2/2/2012

Updated: 1/19/2021

Supported Sensors: Nessus

Vulnerability Information

CPE: cpe:/a:wibu:codemeter_runtime

Required KB Items: installed_sw/CodeMeter

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 8/24/2011

Vulnerability Publication Date: 9/2/2011

Reference Information

BID: 49437