[25125] in bugtraq
segfault in ntop
daemon@ATHENA.MIT.EDU (JP)
Wed Apr 17 21:07:33 2002
Date: Wed, 17 Apr 2002 10:13:04 -0700 (PDT)
From: JP <px@negative.zeroday.net>
To: <bugtraq@securityfocus.com>
Message-ID: <Pine.LNX.4.33L2.0204170946450.6938-100000@negative.zeroday.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
I'm sorry if this has already been discussed on here before, but I went
through the thread and saw nothing on it.
I was able to remotley segfault ntop v.2.0.0 using Netscape 6.1 by simply
specifying a command in the url location bar. For example:
http://ntop.site.com:port/`ls`
That above command will cause ntop to segfault and core dump. I tried a
few different commands, ls and su segfaulted ntop, whereas everything else
I tried gave a 403 error, but ntop stayed online.
Here's information about my ntop platform:
Mandrake Linux v8.1 kernel 2.4.8-26mdk
ntop v.2.0.0 MT [i686-pc-linux-gnu] (01/24/02 03:04:18 PM build)
I was able to segfault ntop from the following platforms:
Mandrake Linux v8.1 kernel 2.4.8-26mdk with Netscape v6.1
(Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.2) Gecko/20010726 Netscape6/6.1)
Mandrake Linux v8.1 kernel 2.4.8-26mdk with Opera 5.0 for Linux - 20010510 Build 024 -[5]
Windows 2000 Server 5.00.2195 SP2 with Netscape v6.2.2
(Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:0.9.4.1)
Gecko/20020314 Netscape6/6.2.2)
I was unable to duplicate this segfault with the following browsers:
Internet Explorer v6.0.2600.0000
Konqueror v2.2.1
I did not test any other platforms or browsers than the ones listed here.
I have notified ntop and haven't received a response yet.
Thanks,
jason
