[20281] in bugtraq
Re: qDefense Advisory: DCForum allows remote read/write/execute
daemon@ATHENA.MIT.EDU (admin@cgisecurity.com)
Wed Apr 18 03:13:14 2001
Content-Type: text
Message-ID: <200104171751.NAA21275@iridium.mv.net>
Date: Tue, 17 Apr 2001 13:51:44 -0400
Reply-To: "admin@cgisecurity.com" <admin@CGISECURITY.COM>
From: "admin@cgisecurity.com" <admin@CGISECURITY.COM>
X-To: franklin@QDEFENSE.COM
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <4.3.2.7.2.20010417101841.00b2d6a0@compumodel.com> from "Franklin
DeMatto" at Apr 17, 2001 10:20:09 am
>
> Sorry for not clarifying. This is another vulnerability. The patch made
> DOES NOT fix this vulnerability.
> The CGISecurity hole only allowed read, not execute, and the patch did not
> affect the az field.
The following information is correct. The hole we found effected the forum= field.
It only allowed remote file viewing and also had a nasty Denial of service effect
which caused a rm -rf effect to whatever dir the script itself was stored.
(Hopefully that part doesn't effect this new bug)
- zenomorph
