AMSI 'file' Parameter Directory Traversal Vulnerability Network Vulnerability

Summary

This host is installed with Academia management solutions international (AMSI) and is prone to directory traversal vulnerability.

Impact

Successful exploitation will allow remote attackers to read arbitrary files on the target system. Impact Level: System/Application

Solution

No solution or patch is available as of 20th February, 2015. Information regarding this issue will updated once the solution details are available. For updates refer to http://amsi.ae

Insight

The error exists due to the download.php script, which does not properly sanitize user input supplied via the 'file' parameter.

Affected

AMSI v3.20.47 build 37 and probably other versions.

Detection

Send a crafted data via HTTP GET request and check whether it is able to read local file or not.

References

http://osvdb.org/116518
http://packetstormsecurity.com/files/129714

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

@Mail 'admin.php' Cross-Site Scripting Vulnerabilities
1024 CMS 1.1.0 Beta 'force_download.php' Local File Include Vulnerability
Adiscon LogAnalyzer 'highlight' Parameter Cross Site Scripting Vulnerability
Andromeda Streaming MP3 Server Cross Site Scripting Vulnerability
Apache Web Server Configuration File Environment Variable Local Buffer Overflow Vulnerability

Take action and discover your vulnerabilities