LinuxQuestions.org
Old 02-01-2005, 05:57 AM   #1
porous
Member
 
Registered: Oct 2003
Distribution: redhat 9
Posts: 147

Rep: Reputation: 15
directory traversal attack


hi everyone,

can anyone tell me what a webserver buffer directory traversal attack is and if possible some links, i found some links in packetstorm but i was looking for basic information on the attack.
Like how can it be detected from an IDS point of view.

any suggestions are most welcome,

ty.
 
Old 02-01-2005, 11:00 AM   #2
320mb
Senior Member
 
Registered: Nov 2002
Location: pikes peak
Distribution: Slackware, LFS
Posts: 2,577

Rep: Reputation: 47
http://www.linuxsecurity.com/content/view/105737/104/
the above link explains about a gentoo attack vuln in PhpMyAdmin...........

http://www.google.com/search?hl=en&q...=Google+Search

google turns up way more info.............
 
Old 02-01-2005, 11:52 PM   #3
porous
Member
 
Registered: Oct 2003
Distribution: redhat 9
Posts: 147

Original Poster
Rep: Reputation: 15
yeah i did my google before posting it but i found most of the links to be either "it results in directory traversal attack" or the exploit details, but not what the attack is. i mean (the working of the attack, i need only the theory).

thanks.
 
Old 02-02-2005, 06:53 AM   #4
hardcorelinux
Member
 
Registered: Jan 2005
Location: India
Distribution: RHEL,CentOS,SUSE,Solaris10
Posts: 183

Rep: Reputation: 31
Many applications create a direct mapping between user input, and files on the filesystem. This can happen explicitly, for example the way a webserver maps URLs to the filesystem, or it could be harder to spot: for example if issuing the “HELP FOO” command causes the underlying program to display the resource “help/foo.txt”.

The most common directory traversal attack comes from a user making a request for ‘../../foo’: using the ‘..’ construct to escape to the directory above that in which the files should be found. This is, however, not the only unsafe pattern: several exploits have used ‘.|.’ instead.

This is a very common vulnerability. It is most prevalent in P2P software, or in applications that “grow” some kind of fileserver bolted on the side: since fileserving isn’t the core area of expertise for the developer, the dangers are often overlooked. For example, when ICQ was first shipped with a personal webserver, it was vulnerable to the simplest of directory traversal attacks.
 
Old 02-02-2005, 06:54 AM   #5
hardcorelinux
Member
 
Registered: Jan 2005
Location: India
Distribution: RHEL,CentOS,SUSE,Solaris10
Posts: 183

Rep: Reputation: 31
A SIMPLER DEFINITION IS:

A user supplies a specially crafted filename to a program (usually a server) that allows them to access files in areas of the filesystem that should be unavailable.
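
The mapping described in posts #4 and #5, shown with a containment check and an IDS-style check on request targets. This is an added example, not part of any post in this thread; the `HELP_ROOT` path, the function names and the sample request targets are assumptions made for illustration.

```python
import os
import re
from urllib.parse import unquote

HELP_ROOT = "/srv/app/help"  # hypothetical base directory for help files

def naive_help_path(topic):
    # Direct mapping of input to a file ("HELP FOO" -> help/foo.txt), no checks.
    return os.path.normpath(os.path.join(HELP_ROOT, topic.lower() + ".txt"))

def safe_help_path(topic):
    # Resolve the final path (symlinks included) and require it to stay under
    # HELP_ROOT. This checks the result instead of blocklisting input patterns.
    root = os.path.realpath(HELP_ROOT)
    candidate = os.path.realpath(os.path.join(root, topic.lower() + ".txt"))
    if os.path.commonpath([root, candidate]) != root:
        return None
    return candidate

def looks_like_traversal(request_target):
    # IDS-style check: undo up to three layers of percent-encoding, then look
    # for a ".." path segment in the path or in a query-string value.
    decoded = request_target
    for _ in range(3):
        step = unquote(decoded)
        if step == decoded:
            break
        decoded = step
    return ".." in re.split(r"[/\\?&=]", decoded)

# Constructed sample request targets (not taken from real logs).
SAMPLE_REQUESTS = [
    "/help/foo.txt",
    "/help/../../etc/passwd",
    "/help/%2e%2e/%2e%2e/etc/passwd",
    "/help/%252e%252e/secret",
    "/get?file=../../etc/passwd",
    "/docs/v1..2/readme",
]

def flagged(requests):
    return [r for r in requests if looks_like_traversal(r)]

if __name__ == "__main__":
    print(naive_help_path("../../etc/passwd"))  # escapes HELP_ROOT
    print(safe_help_path("../../etc/passwd"))   # rejected
    for r in flagged(SAMPLE_REQUESTS):
        print("ALERT", r)
```

The containment check in `safe_help_path` is the actual defence; the signature check is only a detection aid and will miss encodings it does not decode.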
 
Old 02-02-2005, 09:48 PM   #6
porous
Member
 
Registered: Oct 2003
Distribution: redhat 9
Posts: 147

Original Poster
Rep: Reputation: 15
thank you very much..
 
  

