HomeSeer is home automation software for Windows 2000, Windows NT, Windows 98, and Windows 95 that uses inexpensive X10 technology to control lights, appliances, and audio/video equipment. A web server is built in, allowing you to control your appliances remotely over the Internet. However, a security vulnerability in this built-in web server allows remote attackers to escape the HTML home directory and read potentially sensitive files stored elsewhere on the machine.
Credit:
The information has been provided by SNS Research.
Vulnerable systems:
HomeSeer version 1.4.28 and prior
Immune systems:
HomeSeer version 1.4.29 and above
The attack is the infamous 'dot dot' traversal: adding "../" sequences to a URL lets an attacker request files outside the web server's publishing directory, because the server concatenates the request path onto its web root without normalizing it or checking that the result still lies inside the root. This gives read access to any file on the server that the HomeSeer process can open, which on Windows 95/98 (no file system ACLs) is effectively every file.
Example:
Accessing the following URL:
http://machine.example.com:80/../../../autoexec.bat
Will return the content of the file "autoexec.bat" from the root directory of the partition that holds the HomeSeer HTML directory (each "../" moves one directory up; three are enough here, and extra ones are harmless since the traversal stops at the root). A correctly behaving server would refuse such a request or answer with 404.
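To show why the concatenation pattern fails and what the corrected mapping looks like, here is an added example in Python; it is not HomeSeer's code and does not claim to reproduce its internals. The web root path, the function names and the request paths are assumptions chosen for illustration. The naive mapping is the behaviour the advisory describes; the hardened mapping decodes the path once, treats backslashes as separators (the server runs on Windows), and rejects any ".." segment outright rather than silently clamping it, so probes show up as refused requests in the log.

```python
import posixpath
from urllib.parse import unquote

# Hypothetical web root for the built-in server (assumption, not HomeSeer's real path).
DOC_ROOT = "/homeseer/html"


def naive_resolves_to(url_path: str) -> str:
    """Vulnerable mapping: web root + request path, then let the OS resolve it.

    Returns the path the operating system would actually open, which is how
    a request like /../../../autoexec.bat escapes the web root.
    """
    return posixpath.normpath(DOC_ROOT + "/" + url_path.lstrip("/"))


def safe_map(url_path: str, doc_root: str = DOC_ROOT):
    """Hardened mapping: return the file to serve, or None to refuse the request.

    - decodes percent-encoding once, so %2e%2e is seen as ".."
    - treats "\\" as a separator, since Windows accepts both
    - rejects NUL bytes, which can truncate the path in C-based file APIs
    - refuses any ".." segment instead of clamping it at the root
    """
    decoded = unquote(url_path).replace("\\", "/")
    if "\x00" in decoded:
        return None
    parts = []
    for segment in decoded.split("/"):
        if segment in ("", "."):
            continue          # empty (doubled slash) and "." segments are no-ops
        if segment == "..":
            return None       # traversal attempt: refuse rather than normalize
        parts.append(segment)
    return posixpath.join(doc_root, *parts) if parts else doc_root


def probe(url_path: str) -> dict:
    """Run one constructed request path through both mappings for comparison."""
    return {
        "request": url_path,
        "naive_opens": naive_resolves_to(url_path),
        "hardened_serves": safe_map(url_path),
    }


if __name__ == "__main__":
    # Constructed request paths, including the advisory's example and two
    # variants (percent-encoded dots, Windows backslashes) a tester would try.
    for path in ("/index.htm",
                 "/../../../autoexec.bat",
                 "/%2e%2e/%2e%2e/autoexec.bat",
                 "/..\\..\\autoexec.bat"):
        print(probe(path))
```

Running the block prints one line per constructed request: the advisory's traversal resolves to `/autoexec.bat` under the naive mapping and is refused (None) by the hardened one, while the ordinary `/index.htm` request is served from the web root in both cases. The single `unquote` is deliberate; decoding in a loop would reintroduce double-encoding bypasses at whatever layer decodes next.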
Solution:
The vendor has been notified and has acknowledged this problem. It has been fixed in the 1.4.29 beta version of the HomeSeer software, which is available from:
http://www.keware.com/kewarebeta.htm
The fix will also be included in the future 1.5 release.