Blog Torrent btdownload.php file Variable Traversal Arbitrary File Retrieval

high Nessus Plugin ID 15904

Synopsis

The remote host has an application that is affected by a directory traversal vulnerability.

Description

There is a remote directory traversal vulnerability in Blog Torrent, a web-based application that allows users to host files for BitTorrent. A malicious user can leverage this issue by requesting files outside of the web server root directory with directory traversal strings such as '../'.
This would allow a successful attacker to view arbitrary files that are readable by the web server process.

See Also

https://www.securityfocus.com/archive/1/383048

Plugin Details

Severity: High

ID: 15904

File Name: torrent_traversal.nasl

Version: 1.20

Type: remote

Family: CGI abuses

Published: 12/5/2004

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

Vulnerability Information

Required KB Items: www/PHP

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No exploit is required

Vulnerability Publication Date: 12/2/2004

Reference Information

CVE: CVE-2004-1212

BID: 11795