|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: CGIForum 1.0 Vulnerability
From: zorgon (zorgon
LINUXSTART.COM)Date: Mon Nov 20 2000 - 10:38:56 CST
- Next message: Georgi Guninski: "IE 5.x/Outlook allows executing arbitrary programs using .chm files and temporary internet files folder"
- Previous message: debian-security-announceLISTS.DEBIAN.ORG: "[SECURITY] New version of modutils released"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi,
Date: 2000/11/20
Affected Application: CGIForum 1.0
http://www.marcbrinkmann.de/inandonline/netz/CGIForum-1.0.tar.gz
Markus Triska
<triskagmx.at>
CGIForum is a free forum. We can set 'thesection' parameter to view
files on the vulnerable system with privileges of the user "nobody".
This is caused from OutputHTMLFile function in cgiforum.pl script where $section (= $thesection ) isn't checked (never besides in this script).
e.g.:
http://127.0.0.1/cgi-bin/cgiforum.pl?thesection=../../../../../../etc/passwd%00
The author is informed.
==================================
zorgon <zorgonlinuxstart.com>
http://www.nightbird.free.fr
----------------------
Do you do Linux? :)
Get your FREE linuxstart.com email address at: http://www.linuxstart.com
- Next message: Georgi Guninski: "IE 5.x/Outlook allows executing arbitrary programs using .chm files and temporary internet files folder"
- Previous message: debian-security-announceLISTS.DEBIAN.ORG: "[SECURITY] New version of modutils released"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]