[20264] in bugtraq
Re: qDefense Advisory: DCForum allows remote read/write/execute
daemon@ATHENA.MIT.EDU (Franklin DeMatto)
Tue Apr 17 13:44:52 2001
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Message-ID: <4.3.2.7.2.20010417101841.00b2d6a0@compumodel.com>
Date: Tue, 17 Apr 2001 10:20:09 -0400
Reply-To: Franklin DeMatto <franklin@QDEFENSE.COM>
From: Franklin DeMatto <franklin@QDEFENSE.COM>
X-To: Wolfgang Wiese <wolfgang.wiese@rrze.uni-erlangen.de>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <20010417110715.A16639@eliza.rrze.uni-erlangen.de>
Sorry for not clarifying. This is another vulnerability. The patch made
DOES NOT fix this vulnerability.
The CGISecurity hole only allowed read, not execute, and the patch did not
affect the az field.
At 11:07 AM 4/17/01 +0200, Wolfgang Wiese wrote:
>Hi,
>
> > Version Tested: DCForum 2000 1.0
> > Severity: Any remote attacker may gain read/write/execute privilleges
>
>
>Isn't that the same security-leak CGISecurity (http://www.CGISecurity.com/)
>reportet Nov 2000 about?
>
>Moreover the current version of DCForum is 6.1. The security-leak was
>affecting versions 1.0 - 6.0 and was patched by DCScripts on
>March, 31. (http://www.dcscripts.com/FAQ/sec_2001_03_31.html)
>
>Ciao,
> Wolfgang
>
>
>--
>______________________________________________________________________
> Dipl. Inf. Wolfgang Wiese XWolf CGI & Webworking
> xwolf@xwolf.com http://www.xwolf.com
>______________________________________________________________________
> PGP-key: http://www.xwolf.com/public-key.txt
