[10693] in bugtraq
Re: whois_raw.cgi problem
daemon@ATHENA.MIT.EDU (Peter van Dijk)
Tue Jun 1 19:26:58 1999
Mail-Followup-To: BUGTRAQ@NETSPACE.ORG
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id: <19990602010622.C9360@attic.vuurwerk.nl>
Date: Wed, 2 Jun 1999 01:06:22 +0200
Reply-To: Peter van Dijk <peter@ATTIC.VUURWERK.NL>
From: Peter van Dijk <peter@ATTIC.VUURWERK.NL>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <19990602001642.L1244@attic.vuurwerk.nl>; from Peter van Dijk on
Wed, Jun 02, 1999 at 12:16:42AM +0200
On Wed, Jun 02, 1999 at 12:16:42AM +0200, Peter van Dijk wrote:
> On Tue, Jun 01, 1999 at 12:34:51AM +0200, Salvatore Sanfilippo -antirez- wrote:
> > Hi,
> >
> > sorry if this has already been known.
> >
> > There is a problem in whois_raw.cgi, called from
> > whois.cgi. whois_raw.cgi is part of cdomain v1.0.
> > I don't know if new versions are vulnerable.
>
> Version 2.0 is just as vulnerable.
>
> The commercial version (the one that runs on NT too :) is _not_ vulnerable
> since it does it's own socket thing instead of starting 'whois'.
>
> I've known of this bug in cdomain for about 6 months but never got around
> to writing up an advisory...
To elaborate this a bit further: cdomain-free 2.4 and lower are
_vulnerable_. cdomain-free 2.5 and all commercial cdomain versions I've
seen are _not_ vulnerable, because they connect to the whois servers
themselves.
cdomain-free is available for download at www.cdomain.com.
Greetz, Peter
--
| 'He broke my heart, | Peter van Dijk |
I broke his neck' | peter@attic.vuurwerk.nl |
nognikz - As the sun | Hardbeat@ircnet - #cistron/#linux.nl |
| Hardbeat@undernet - #groningen/#kinkfm/#vdh |
