[20412] in bugtraq
Advisory for perl webserver
daemon@ATHENA.MIT.EDU (neme-dhc@HUSHMAIL.COM)
Tue Apr 24 18:02:40 2001
Mime-version: 1.0
Content-type: multipart/mixed;
boundary="Hushpart_boundary_oFTOTnEKlDAMbeWLwLnCjLgJwMeqwBjA"
Message-ID: <200104241516.IAA05820@user7.hushmail.com>
Date: Tue, 24 Apr 2001 08:14:55 -0500
Reply-To: neme-dhc@HUSHMAIL.COM
From: neme-dhc@HUSHMAIL.COM
To: BUGTRAQ@SECURITYFOCUS.COM
--Hushpart_boundary_oFTOTnEKlDAMbeWLwLnCjLgJwMeqwBjA
Content-type: text/plain
[ Advisory for Perl Web Server ]
[ Site: http://perlwebserver.sourceforge.net ]
[ by nemesystm of the DHC ]
[ (http://dhcorp.cjb.net - neme-dhc@hushmail.com) ]
[ ADV-0113 ]
/-|=[explanation]=|-\
Perl Web Server has a simple dot dot bug bug.
/-|=[who is vulnerable]=|-\
Tested to be vulnerable to the hex-encoded dot dot
bug are:
Perl Web Server v0.3
All older versions are assumed to be vulnerable as
well.
/-|=[testing it]=|-\
To test this vulnerability, try the following.
www.server.com/../../../../etc/passwd
add ..'s to reflect the location of /etc/passwd in
comparison to Perl Web Server.
www.server.com/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
works as well.
%2e is nothing but a hex-encoded dot.
/-|=[fix]=|-\
Not known at the moment.
Free, encrypted, secure Web-based email at www.hushmail.com
--Hushpart_boundary_oFTOTnEKlDAMbeWLwLnCjLgJwMeqwBjA--
