Alt-N WebAdmin Source Code Disclosure

From: wsn1983@gmail.com
To: bugtraq@securityfocus.com
Cc:
Subject: Alt-N WebAdmin Source Code Disclosure
Date:


Vulnerable:     v3.3.3
Vendor:         www.altn.com
Category:         Environment Error

Vulnerable
========
Alt-N WebAdmin 3.3.3
U-Mail for Windows V9.8 
U-Mail GateWay for Windows V9.8

Details:
=========
A source code disclosure vulnerability exists with Alt-N WebAdmin Server.
Remote attacker can be exploited to disclose the source code by appending "%2e" or "%20" to a URI.
Test on U-Mail for Windows V9.8 and U-Mail GateWay for Windows V9.8

POC: 
=========
http://ip:1000/login.wdm%20
http://ip:1000/login.wdm%2e

Reference:
=========
www.comingchina.com/download.html
http://www.nansec.com/





Copyright © 1995-2018 LinuxRocket.net. All rights reserved.