FW: Security Notice: Big Brother 1.09b/c

seanWWW.MACLAWRAN.CA

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Simon Helson: "Possible DOS in WinNT RAS (PPTP)"
• Previous message: 1nternal geocities.com: "Minor privacy exploit in Outlook Express"

http://www.maclawran.ca/bb/ for more info on Big Brother.


-----FW: <199904261049.GAA07967www.maclawran.ca>-----

Date: Mon, 26 Apr 1999 06:49:59 -0400 (EDT)
From: Sean MacGuire <seanwww.maclawran.ca>
To: solodok.org
Subject: Security Notice: Big Brother 1.09b/c


This notice concerns the Big Brother System and Network Monitor.

We noticed you downloaded a version which could be affected by
this problem so we wanted to tell you about it.

If you have any questions or concerns, feel free to contact me
at mailto:seanmaclawran.ca.  Sorry for any inconvenience.

                ===========================
                Big Brother Security Notice
                ===========================

Versions: 1.09b and 1.09c

Module:   CGI History module (web/bb-hist.sh)

Affects:  Anyone who's installed the new history viewer
          bb-hist.sh as a CGI program.

Summary:  Exploiting the problem could allow the partial
          display of local files provided they are readable
          by your web server, and text-based.

Fix:      Please pick up a new version of the bb-hist.sh file
          at: http://maclawran.ca/bb-dnld/bb-hist.sh

Found by: Michael Smith <michaelcsuite.ns.ca>  Thanks Michael.

I've also updated the archive to be 1.09d (this is the only
change).
--
Sean MacGuire, Reality Engineer               seanMacLawran.ca
The Big Brother Ministry of Truth      http://maclawran.ca/sean
icbm --> 45'31.06N-73'35.19W                    +1 514 982 9688
              "Looking down the barrel of another day"

--------------End of forwarded message-------------------------

• Next message: Simon Helson: "Possible DOS in WinNT RAS (PPTP)"
• Previous message: 1nternal geocities.com: "Minor privacy exploit in Outlook Express"