BlueBoarTHIEVCO.COM

• Next message: Robert A. Seace: "Re: C versus other languages,"
• Previous message: Ben Galehouse: "Re: JSP hacking"
• In reply to: gregory duchemin: "Security bugs in nokia voyager, BO dev."
• Reply: Blue Boar: "Re: Security bugs in nokia voyager, BO dev."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Cool.

Just a quick reminder to folks who aren't all that familiar with
these Nokia boxen: You can't get to this point until you've
authenticated yourself as admin (at least I think.. don't have
one to play with anymore.)

But please, don't let that stop people from trying to
stuff shell code at it... I'm sure there are some out
there where people have severely misconfigured them, so
attackers CAN get to the web interface.

                                BB

gregory duchemin wrote:
>
> Voyager works with a multipurposes cgi called html_page that make a call to
> html_gen with a filename as a template script. Html_gen produce the final
> html page returned by apache.
> if u test this kind of url:
> http://your-nokia/http://10.1.152.2/cgi-bin/html_page?TEMPLATE=arp&IH=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
> u 'll get a segfault error page.
> if u test it with a command line, u ll reproduce the same signal.
> Obviously, html_gen is unable to manage properly a big amount a data in some
> of its parameters. IH is one of the html_page's paramaters that does the
> job.
>

• Next message: Robert A. Seace: "Re: C versus other languages,"
• Previous message: Ben Galehouse: "Re: JSP hacking"
• In reply to: gregory duchemin: "Security bugs in nokia voyager, BO dev."
• Reply: Blue Boar: "Re: Security bugs in nokia voyager, BO dev."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]