Rejetto HTTP File Server (HFS) search feature fails to handle null bytes

elektroinside · **on:** November 03, 2014, 05:01:07 PM

Hi,

If this has been mentioned before, sorry.

I just found this: http://www.kb.cert.org/vuls/id/251276

Description
CWE-158: Improper Neutralization of Null Byte or NUL Character - CVE-2014-6287
Rejetto HFS versions 2.3, 2.3a, and 2.3b are vulnerable to remote command execution due to a regular expression in parserLib.pas that fails to handle null bytes. Commands that follow a null byte in the search string are executed on the host system.

Might be something to fix though, as i just restarted the entire windows machine with this one...

Thanks!

xpl01t · **Reply #1 on:** November 05, 2014, 03:26:45 PM

Thanks for your report, by the way this vulnerability was already fixed in the last version

rejetto · **Reply #2 on:** November 06, 2014, 10:52:47 AM

elektroinside, you my have disabled (or ignored) automatic updates.

Rejetto HTTP File Server (HFS) search feature fails to handle null bytes

elektroinside

Rejetto HTTP File Server (HFS) search feature fails to handle null bytes

xpl01t

Re: Rejetto HTTP File Server (HFS) search feature fails to handle null bytes

rejetto

Re: Rejetto HTTP File Server (HFS) search feature fails to handle null bytes