Web Shopper Remote File Retrieval Network Vulnerability

Summary

Byte's Interactive Web Shopper (shopper.cgi) allows for retrieval of arbitrary files from the web server. Both Versions 1.0 and 2.0 are affected. Example: GET /cgi-bin/shopper.cgi?newpage=../../../../etc/passwd will return /etc/passwd.

Solution

Uncomment the #$debug=1 variable in the script so that it will check for, and disallow, viewing of arbitrary files.

Severity

Classification

CVE CVE-2000-0922

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

TFTP file detection (Cisco IOS)
Anaconda Double NULL Encoded Remote File Retrieval
Avotus mm File Retrieval attempt
McAfee myCIO Directory Traversal
Web Shopper remote file retrieval

Take action and discover your vulnerabilities