HomeSeer is home automation software for Windows 2000, Windows NT, Windows 98, and Windows 95 that uses inexpensive X10 technology to control your lights, appliances, and audio/video equipment. A web server is built in, even allowing you to control your appliances remotely over the Internet. However, a security vulnerability in this feature allows remote attackers to escape the normal scope of the HTML home directory and reach possibly sensitive files stored elsewhere on the machine.
Credit:
The information has been provided by SNS Research.
Vulnerable systems:
HomeSeer version 1.4.28 and prior
Immune systems:
HomeSeer version 1.4.29 and above
The attack is the infamous 'dot dot' traversal: adding the string "../" to a URL allows an attacker to reach files outside of the web server's publishing directory. Because the server runs with the privileges of the logged-on user and does not confine resolved paths to its HTML directory, this gives read access to any file on the server that user can read.
A traversal URL of this kind will return the content of the file "autoexec.bat" from the root directory of the partition.
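The following is an added illustration of the flaw class described above, written for this page; it is not HomeSeer code and not part of the original advisory. It assumes a hypothetical publishing directory (WEBROOT) and shows the naive mapping that lets "../" escape it beside the containment check a server should perform after URL-decoding and normalising the request path. The sample requests are constructed, not captured traffic.

```python
import posixpath
from urllib.parse import unquote

# Assumed HTML publishing directory; the real install path is not given
# in the advisory and does not matter for the logic below.
WEBROOT = "/homeseer/html"


def vulnerable_resolve(webroot, url_path):
    """Naive mapping, as in the flaw class: decode the request path,
    glue it onto the web root, and let '..' segments collapse however
    they will. No check that the result is still inside webroot."""
    decoded = unquote(url_path).replace("\\", "/")
    return posixpath.normpath(webroot + "/" + decoded.lstrip("/"))


def safe_resolve(webroot, url_path):
    """Hardened mapping: decode once (as the server would), treat
    backslashes as separators (Windows host), collapse '.' and '..',
    then refuse any result that is not the root itself or below it."""
    root = posixpath.normpath(webroot)
    decoded = unquote(url_path).replace("\\", "/")
    candidate = posixpath.normpath(posixpath.join(root, decoded.lstrip("/")))
    # Compare against root + "/" so that a sibling such as
    # "/homeseer/html2/..." is not accepted by a bare prefix match.
    if candidate != root and not candidate.startswith(root + "/"):
        raise PermissionError(f"traversal outside web root: {url_path!r}")
    return candidate


def escapes_webroot(webroot, url_path):
    """True when the request would be rejected by safe_resolve, i.e.
    when it resolves outside the publishing directory. Usable as a
    detection check over request logs as well as at serve time."""
    try:
        safe_resolve(webroot, url_path)
    except PermissionError:
        return True
    return False


if __name__ == "__main__":
    # Constructed sample requests: plain, URL-encoded and backslash variants
    # of the traversal, plus two legitimate paths.
    samples = [
        "/../../autoexec.bat",
        "/%2e%2e/%2e%2e/autoexec.bat",
        "/..\\..\\autoexec.bat",
        "/index.htm",
        "/images/../index.htm",
    ]
    for req in samples:
        print(f"{req!r:32} naive -> {vulnerable_resolve(WEBROOT, req):28} "
              f"escapes={escapes_webroot(WEBROOT, req)}")
```

The naive resolver hands back "/autoexec.bat" for the first three requests, which is exactly the file the advisory says can be retrieved; the hardened resolver rejects them while still serving "/index.htm" and a harmless "/images/../index.htm". Decoding happens once, before normalisation, so encoded dots cannot slip past the check; a server that decoded again after the check would reopen the hole.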
Solution:
The vendor has been notified and has acknowledged this problem. It has been fixed in the 1.4.29 (beta) version of the HomeSeer software, which is available from: http://www.keware.com/kewarebeta.htm