I came across a few interesting posts today on this topic today and I thought I would share. The first one I landed on was an interesting read about a poorly secured malicious server from Russ McRee at HolisticInfoSec.com.
http://holisticinfosec.blogspot.com/2010/02/directory-traversal-as-reconnaisance.html
Next, I ended up on the OWASP page on testing for these kinds of vulnerabilities:
http://www.owasp.org/index.php/Testing_for_Path_Traversal
Then finally, a nice NMAP script for the VMware directory traversal vulnerability (CVE-2009-3733) recently discussed at Shmoocon:
http://www.skullsecurity.org/blog/?p=436
good times.
Subscribe to:
Post Comments (Atom)
1 comment:
Post a Comment