[ advisories | exploits | discussions | news | conventions | security tools | texts & papers ]
 main menu
- feedback
- advertising
- privacy
- FightAIDS
- newsletter
- news
- read forum
- new topic
- search

- meetings list
- recent additions
- add your info
 top 100 sites
- visit top sites
- sign up now
- members

- add your url
- add domain
- search box
- link to us

- our projects
- free email
 m4d network
- security software
- secureroot
- m4d.com
Home : Advisories : HomeSeer Directory Traversal Vulnerability

Title: HomeSeer Directory Traversal Vulnerability
Released by: Strumpf Noir Society
Date: 7th December 2000
Printable version: Click here
Strumpf Noir Society Advisories

! Public release !


-= HomeSeer Directory Traversal Vulnerability =-

Release date: Thursday, December 7, 2000


HomeSeer is home automation software for Windows 2000, Windows NT,

Windows 98, and Windows 95 that uses inexpensive X10 technology to

control your lights, appliances, and audio/video equipment. A webserver

is build in, allowing you to even remote control your appliances over

the Internet.

HomeSeer can be found at vendor Keware's website,



Adding the string "../" to an URL allows an attacker to files outside

of the webserver's publishing directory. This allows read access to any

file on the server. Example: http://localhost:80/../../../autoexec.bat

reads the file "autoexec.bat" from the partition's root dir.



Vendor has been notified and has acknowledged this problem. It has been

fixed in the 1.4.29 (beta-)version of the HomeSeer software which is

availble from http://www.keware.com/kewarebeta.htm and will be included

in the future 1.5 release.

This was tested against HomeSeer 1.4. Older versions can be expected to

vulnerable, users are encouraged to upgrade.


SNS Research is rfpolicy (http://www.wiretrip.net/rfp/policy.html)

compliant, all information is provided on AS IS basis.

EOF, but Strumpf Noir Society will return!

(C) 1999-2000 All rights reserved.