Security Advisory 05 – 005 – Internal Path Disclosure in HTTP Variables
Webseries Payment Application
Vulnerability discovery and development:
Portcullis Security Testing Services
Bottomline Webseries Payment Application
Several HTTP variables in use by the application were found to directly reference directories and files on the web server. An example of this behaviour is listed below:
ConfigFile=blah.cfg
ReportName=User%20Activity%20Report.rpt
ReportPath=E:\server\apps\WSWEB\Web+Application+Files\reports\
An attacker can use the information disclosed by this issue to gain a better understanding of the structure of the web server's underlying file system. This type of information is often essential in launching exploits against the web server itself.
No exploit code required.
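As an added example, not part of this advisory or the vendor's code, the check below parses a request's query string and flags any parameter whose value looks like a server-side filesystem location, paired with a hardened lookup in which the client sends only an opaque report identifier. The sample query is constructed from the parameters quoted above; the report catalogue and its directory are assumptions.

```python
import re
from urllib.parse import parse_qsl

# Constructed sample request built from the parameters quoted in the advisory.
SAMPLE_QUERY = (
    "ConfigFile=blah.cfg"
    "&ReportName=User%20Activity%20Report.rpt"
    "&ReportPath=E%3A%5Cserver%5Capps%5CWSWEB%5CWeb+Application+Files%5Creports%5C"
)

# Value shapes that reveal a filesystem location rather than an opaque token.
PATH_PATTERNS = [
    re.compile(r"^[A-Za-z]:[\\/]"),                    # Windows drive path, e.g. E:\server\...
    re.compile(r"^\\\\[^\\]+\\"),                      # UNC path, e.g. \\fileserver\share\
    re.compile(r"^/(?:etc|var|usr|opt|home|srv|tmp)/"),  # common Unix roots
    re.compile(r"(?:^|[\\/])\.\.(?:[\\/]|$)"),         # parent-directory segments
]


def find_disclosed_paths(query: str) -> dict:
    """Return {parameter: decoded value} for every parameter whose value
    looks like an internal path. Suitable for running over access logs or
    as a pre-deployment check on the links an application emits."""
    hits = {}
    for name, value in parse_qsl(query, keep_blank_values=True):
        if any(p.search(value) for p in PATH_PATTERNS):
            hits[name] = value
    return hits


# Hardened alternative (assumption, not the vendor's design): the client
# supplies an opaque id and the path is resolved from a server-side catalogue.
REPORT_DIRECTORY = "<server-side reports directory>"  # placeholder, never sent to the client
REPORT_CATALOGUE = {
    "user-activity": "User Activity Report.rpt",
}


def resolve_report(report_id: str) -> str:
    """Map an opaque report id to its file name; unknown ids are rejected,
    so the client can neither learn nor choose the server's directory layout."""
    if report_id not in REPORT_CATALOGUE:
        raise ValueError("unknown report identifier")
    return REPORT_CATALOGUE[report_id]
```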