Security Advisory B006 - Jeuce Personal Webserver v2.13 Directory Traversal Flaw Lets Remote Users View Arbitrary Files
==================

Release Date: May 2 2005

Impact: A remote user can view arbitrary files on the target system with the privileges of the target web service.

Vendor URL: http://www.jeuce.com/

Vulnerable Versions: Tested on v2.13, previous versions probably vulnerable as well.

Description:
Jeuce Personal Webserver is a small webserver that makes the sharing of personal files or the hosting of personal websites easy.
A remote user can obtain files on the target system that are located outside of the web document directory.
The web service does not properly validate the path in user-supplied HTTP GET requests. A remote user can supply a specially
crafted GET request containing '..\' directory traversal sequences to view arbitrary files on the target system.

Example exploit: with the default web document directory (C:\Webser2k\wwwroot), create a file called a.txt on your hard disk, then open your browser and request http://localhost/../../a.txt
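The advisory does not include the server's source, so the following is an added illustration rather than Jeuce's code: it contrasts the kind of request-to-file mapping the description implies (concatenate the request path onto the document directory and let the OS resolve the '..' segments) with a hardened mapping that canonicalises the path first and refuses anything that lands outside the document root. It uses Python's ntpath module so Windows path rules apply wherever it is run; the document directory is the default named above, and the request paths are constructed from the advisory's example.

```python
"""Request-path mapping for a static file server: naive vs. hardened.

Illustrative code written for this advisory, not the Jeuce server's own.
DOC_ROOT is the default document directory the advisory names.
"""
import ntpath
from urllib.parse import unquote

DOC_ROOT = r"C:\Webser2k\wwwroot"   # default document directory per the advisory


class TraversalError(ValueError):
    """Raised when a request path would resolve outside the document root."""


def naive_map(url_path: str, doc_root: str = DOC_ROOT) -> str:
    """Mapping of the kind the advisory describes: decode, glue onto the root.

    The returned string still carries any '..' segments; the OS collapses
    them when the file is opened, so '/../../a.txt' escapes wwwroot.
    """
    rel = unquote(url_path).replace("/", "\\").lstrip("\\")
    return doc_root + "\\" + rel


def where_os_opens(mapped_path: str) -> str:
    """Canonical Windows path the OS would actually open for a mapped path."""
    return ntpath.normpath(mapped_path)


def _request_to_relative(url_path: str) -> str:
    """Reduce a raw request-target to a Windows-style relative path.

    Percent-encoding is decoded exactly once; a '%' (or NUL) left over
    afterwards is rejected instead of decoded again, since double-decoding
    is a classic way past traversal filters.
    """
    path = url_path.split("?", 1)[0]        # drop any query string
    path = unquote(path)
    if "%" in path or "\x00" in path:
        raise TraversalError(f"rejected request path: {url_path!r}")
    # Windows treats '/' and '\' alike, so normalise both to '\'.
    return path.replace("/", "\\").lstrip("\\")


def safe_map(url_path: str, doc_root: str = DOC_ROOT) -> str:
    """Hardened mapping: canonicalise, then require the result to stay under root.

    Handles '..\\', '../', percent-encoded forms, and absolute or drive-
    prefixed request paths; raises TraversalError on any escape.
    """
    root = ntpath.normpath(doc_root)
    candidate = ntpath.normpath(ntpath.join(root, _request_to_relative(url_path)))
    # Case-insensitive containment check (Windows paths are case-insensitive).
    # The trailing separator stops 'wwwroot2\...' from passing as 'wwwroot'.
    inside = candidate.lower() == root.lower() or \
        candidate.lower().startswith(root.lower() + "\\")
    if not inside:
        raise TraversalError(f"{url_path!r} resolves to {candidate!r}, outside {root!r}")
    return candidate


def is_safe_request(url_path: str, doc_root: str = DOC_ROOT) -> bool:
    """Boolean wrapper around safe_map, handy for tests and request filters."""
    try:
        safe_map(url_path, doc_root)
        return True
    except TraversalError:
        return False


if __name__ == "__main__":
    # Constructed request paths: the advisory's own example plus encoded variants.
    for target in ("/index.html", "/../../a.txt", "/..%5C..%5Ca.txt", "/%2e%2e/%2e%2e/a.txt"):
        opened = where_os_opens(naive_map(target))
        verdict = safe_map(target) if is_safe_request(target) else "REJECTED"
        print(f"{target:24} naive opens {opened:30} hardened: {verdict}")
```

Running the block shows the naive mapping turning the advisory's request into C:\a.txt (two levels above wwwroot, i.e. the drive root), while the hardened mapping rejects it and every encoded variant but still serves /index.html normally.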

Solution/Status:
The vendor has been contacted multiple times at multiple e-mail addresses but has never responded. No patch is available.