GEN:SID 1:1001
Message WEB-MISC carbo.dll access
Summary This event is generated when an attempt is made to exploit a vulnerability on an iCat Carbo Server.
Impact Serious. Information disclosure.
Detailed Information The iCat Carbo server, which is part of the Electronic Commerce Suite,
does not properly check HTTP requests and will give access to any file
object residing on the system when it receives a request such as
http://target/carbo.dll?icatcommand=..\..\directory/filename.ext&catalogname=catalog
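The rule is named for carbo.dll access, so when triaging its alerts it helps to separate ordinary catalog requests from requests that carry a traversal sequence in `icatcommand`. The following is an added example, not part of the original rule documentation: a log triage sketch that assumes Common Log Format input; the function names, sample log lines and the `placeholder` command value are constructed for illustration.

```python
import re
from urllib.parse import unquote, urlsplit

# Constructed access-log lines (not real traffic); addresses are from the
# 192.0.2.0/24 documentation range and the file path is the page's placeholder.
SAMPLE_LOG = [
    r'192.0.2.10 - - [01/Jan/2001:10:00:00 +0000] "GET /carbo.dll?icatcommand=..\..\directory/filename.ext&catalogname=catalog HTTP/1.0" 200 512',
    r'192.0.2.10 - - [01/Jan/2001:10:00:05 +0000] "GET /scripts/Carbo.DLL?icatcommand=..%5c..%5cdirectory%2ffilename.ext&catalogname=catalog HTTP/1.0" 200 512',
    r'192.0.2.10 - - [01/Jan/2001:10:00:09 +0000] "GET /carbo.dll?catalogname=catalog&ICATCOMMAND=%252e%252e%255cdirectory/filename.ext HTTP/1.0" 200 512',
    r'192.0.2.20 - - [01/Jan/2001:10:01:00 +0000] "GET /carbo.dll?icatcommand=placeholder&catalogname=catalog HTTP/1.0" 200 2048',
    r'192.0.2.20 - - [01/Jan/2001:10:01:02 +0000] "GET /index.html HTTP/1.0" 200 1024',
]

REQUEST_RE = re.compile(r'"(?:GET|HEAD|POST) (\S+) HTTP/[\d.]+"')


def _decode(value, rounds=3):
    """Percent-decode repeatedly so double-encoded separators are exposed."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def classify(line):
    """Return 'traversal', 'access', or None (not a carbo.dll request)."""
    match = REQUEST_RE.search(line)
    if not match:
        return None
    target = urlsplit(match.group(1))
    if not target.path.lower().endswith("/carbo.dll"):
        return None
    for pair in target.query.split("&"):
        name, _, value = pair.partition("=")
        if _decode(name).lower() != "icatcommand":
            continue
        # Either separator may appear; the documented request mixes \ and /.
        if ".." in re.split(r"[\\/]", _decode(value)):
            return "traversal"
    return "access"


def triage(lines):
    """Classify every log line, preserving order."""
    return [classify(line) for line in lines]
```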
Affected Systems iCat Electronic Commerce Suite 3.0
Attack Scenarios An attacker can view any file on the server, including sensitive
password files. The information disclosed can then be used to facilitate
further attacks on the system.
Ease of Attack Simple.
Corrective Action None known.
Additional References Bugtraq:
http://www.securityfocus.com/bid/2126

CVE:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1069
Rule References bugtraq: 2126
cve: 1999-1069