directory traversal attack
hi everyone,
can anyone tell me what a webserver buffer directory traversal attack is and if possible some links, i found some links in packetstorm but i was looking for basic information on the attack. Like how can it be detected from an IDS point of view. any suggestions are most welcome, ty.
http://www.linuxsecurity.com/content/view/105737/104/
the above link explains about a gentoo attack vuln in PhpMyAdmin... http://www.google.com/search?hl=en&q...=Google+Search google turns up way more info...
yeah i did my google before posting it but i found most of the links to be either "it results in directory traversal attack" or the exploit details, but not what the attack is. i mean (the working of the attack, i need only the theory).
thanks.
Many applications create a direct mapping between user input, and files on the filesystem. This can happen explicitly, for example the way a webserver maps URLs to the filesystem, or it could be harder to spot: for example if issuing the “HELP FOO” command causes the underlying program to display the resource “help/foo.txt”.
The most common directory traversal attack comes from a user making a request for ‘../../foo’: using the ‘..’ construct to escape to the directory above that in which the files should be found. This is, however, not the only unsafe pattern: several exploits have used ‘.|.’ instead. This is a very common vulnerability. It is most prevalent in P2P software, or in applications that “grow” some kind of fileserver bolted on the side: since fileserving isn’t the core area of expertise for the developer, the dangers are often overlooked. For example, when ICQ was first shipped with a personal webserver, it was vulnerable to the simplest of directory traversal attacks.
A SIMPLER DEFINITION IS:
A user supplies a specially crafted filename to a program (usually a server) that allows them to access files in areas of the filesystem that should be unavailable.
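Added example, not part of any post in this thread: a Python sketch of the IDS question asked above. It flags '..' segments in request paths and, separately, checks whether the mapped file would land outside the served directory. The document root `/srv/www`, the log format and the sample lines are assumptions made up for the illustration, and only the '..' form described above is covered.

```python
import posixpath
from urllib.parse import unquote, urlsplit

DOC_ROOT = "/srv/www"  # assumed document root for this example


def normalise(raw_path, max_rounds=3):
    """Percent-decode repeatedly (bounded) and unify path separators."""
    path = urlsplit(raw_path).path
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path.replace("\\", "/")


def has_dotdot_segment(raw_path):
    """IDS-style check: is any path segment exactly '..' after decoding?"""
    return ".." in normalise(raw_path).split("/")


def escapes_root(raw_path, root=DOC_ROOT):
    """Server-side check: does the mapped file resolve outside the root?"""
    joined = posixpath.join(root, normalise(raw_path).lstrip("/"))
    resolved = posixpath.normpath(joined)
    return not (resolved == root or resolved.startswith(root + "/"))


# Constructed request lines for the example, not taken from a real server.
SAMPLE_LOG = [
    '10.0.0.5 "GET /index.html HTTP/1.0"',
    '10.0.0.5 "GET /docs/../index.html HTTP/1.0"',
    '10.0.0.9 "GET /../../foo HTTP/1.0"',
    '10.0.0.9 "GET /help/%2e%2e/%2e%2e/foo HTTP/1.0"',
    '10.0.0.7 "GET /notes..txt HTTP/1.0"',
]


def scan(lines):
    """Return (path, has_dotdot, escapes_root) for each request line."""
    paths = [line.split('"')[1].split(" ")[1] for line in lines]
    return [(p, has_dotdot_segment(p), escapes_root(p)) for p in paths]


if __name__ == "__main__":
    for path, flagged, escaped in scan(SAMPLE_LOG):
        print(f"{path:35} dotdot={flagged!s:5} escapes_root={escaped}")
```

The second sample line contains '..' but stays inside the root, which is why a pattern match alone is noisy for an IDS, while the resolve-and-compare check is the one a server should enforce before opening the file.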
thank you very much..