26th Mar 2003 [SBWID-6097]
COMMAND
JWALK application server Directory Traversal Vulnerability
SYSTEMS AFFECTED
JWALK application server version 3.2C9
PROBLEM
From an advisory by Andy Davis of Information Risk Management Plc
[http://www.irmplc.com/advisories]:
--snip--
Recently during a penetration test IRM identified a serious security
vulnerability with the Jwalk application web server version 3.2C9. It
appears that by issuing a URL containing unicode characters
representing "../", directory traversal is possible.
IRM used the following URL to obtain the Windows password file on the
machine in question:
HTTP://<IP_address>/.%252e/.%252e/.%252e/winnt/repair/sam._
The server process appears to be running with sufficient privileges to
read any file on the server (assuming the name and location of this
file are known).
--snap--
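The URL in the advisory works by double percent-encoding: "%252e" decodes once to "%2e" (which a filter looking for ".." will not match) and a second time to ".", so a server that decodes in two layers ends up with "../../../". The following added example (not code from the advisory or from JWalk) models that naive single-decode filter, shows what a second decode produces, and contrasts it with a hardened mapping that decodes exactly once, normalises the path and refuses anything that climbs above the document root. The request path is constructed for illustration and the document root "/srv/jwalk/htdocs" is a hypothetical name.

```python
"""Double-encoded directory traversal versus a hardened path mapping.

Added example; not code from the IRM advisory or the JWalk product.
The request path and document root below are constructed for illustration.
"""
from pathlib import PurePosixPath
from urllib.parse import unquote

# Constructed request path of the shape shown in the advisory.
TRAVERSAL_PATH = "/.%252e/.%252e/.%252e/winnt/repair/sam._"

# Hypothetical document root; any absolute directory would do.
DOCROOT = PurePosixPath("/srv/jwalk/htdocs")


def naive_check(request_path: str) -> bool:
    """Models a filter that decodes once and then looks for "..".

    Returns True when the path is accepted. The advisory's URL is accepted
    because after one decode it still reads "/.%2e/.%2e/...".
    """
    once = unquote(request_path)
    return ".." not in once


def decode_twice(request_path: str) -> str:
    """What a server that percent-decodes in two layers ends up serving."""
    return unquote(unquote(request_path))


def resolve_under_docroot(request_path: str, docroot: PurePosixPath = DOCROOT):
    """Hardened mapping from request path to filesystem path.

    Decodes exactly once, rejects anything that still carries a "%" (a sign
    of double encoding that a later layer might decode again), normalises
    "." and ".." lexically, and refuses any attempt to climb above docroot.
    Returns the resolved PurePosixPath, or None when the request is rejected.
    """
    decoded = unquote(request_path)
    if "%" in decoded or "\x00" in decoded:
        return None
    parts = []
    for segment in PurePosixPath(decoded).parts:
        if segment in ("/", "."):
            continue
        if segment == "..":
            if not parts:
                return None  # would leave the document root
            parts.pop()
            continue
        parts.append(segment)
    target = docroot.joinpath(*parts)
    # Defence in depth: the normalised target must still sit under docroot.
    if docroot not in (target, *target.parents):
        return None
    return target


if __name__ == "__main__":
    print("naive filter accepts advisory URL:", naive_check(TRAVERSAL_PATH))
    print("after two decodes:", decode_twice(TRAVERSAL_PATH))
    print("hardened mapping:", resolve_under_docroot(TRAVERSAL_PATH))
    print("benign request:", resolve_under_docroot("/images/../index.html"))
```

The point of the hardened function is not the "%" rejection on its own but that the decision is made on the fully normalised path, so neither single nor double encoding of ".." changes the outcome.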
SOLUTION
Upgrade to JWalk 3.3c4.
As a workaround, serve the JWalk application through a different
vendor's web server instead of the JWalk web server.