[25435] in bugtraq
Bug in mnogosearch-3.1.19
daemon@ATHENA.MIT.EDU (qitest1)
Sat May 11 15:11:34 2002
Date: Sat, 11 May 2002 19:08:15 +0200 (CEST)
From: qitest1 <qitest1@bespin.org>
To: bugtraq@securityfocus.com
Message-ID: <Pine.LNX.4.21.0205111905430.4281-200000@lab.house.net>
qitest1 security advisory #003
Bug in mnogosearch-3.1.19 and prior
-----------------------------------------------
PROGRAM DESCRIPTION
mnoGoSearch is a full-featured SQL-based web search engine,
available from http://www.mnogosearch.org.
PROBLEM DESCRIPTION
When it receives an overly long query string (the q variable),
search.cgi segfaults (http://127.0.0.1/cgi-bin/search.cgi?q=query).
The bug lies in the mismanagement of heap-allocated memory. The bug
could be abused by remote attackers to execute code with web server
privileges.
SOLUTION
The authors were contacted a month ago; they told me that the CVS
version had been fixed. Nevertheless, the stable version
recommended on their web site is still buggy. For the moment you
should disable search.cgi, use the stupid patch attached to this
advisory (for 3.1.19), or alternatively install the latest CVS version.
--
---- q1-- http://qitest1.0xfee1dead.net/
--
[Attachment: mnogosearch-3.1.19.patch]
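
Added example, not part of the original advisory or of mnoGoSearch: a log check that lists requests to search.cgi whose q parameter is unusually long, for triage while the vulnerable version is still deployed. The 256-character threshold, the Common Log Format input and the sample lines are assumptions; the advisory does not state the length at which search.cgi fails.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: the advisory gives no length at which search.cgi fails, so this
# threshold is a triage value to tune against normal traffic, not a known limit.
MAX_Q_LEN = 256

# Leading fields of a Common/Combined Log Format entry (assumed log format).
REQUEST_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3})')

def oversized_queries(lines, max_len=MAX_Q_LEN):
    """Return (client, timestamp, status, q_length) for each request to
    search.cgi whose decoded q parameter is longer than max_len."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue
        client, when, _method, target, status = m.groups()
        url = urlsplit(target)
        if not url.path.endswith("/search.cgi"):
            continue
        # Measure the decoded value, since that is what the CGI processes;
        # if q is repeated, use the longest occurrence.
        values = parse_qs(url.query, keep_blank_values=True).get("q", [])
        longest = max((len(v) for v in values), default=0)
        if longest > max_len:
            hits.append((client, when, int(status), longest))
    return hits

# Constructed sample log lines (not taken from a real server).
SAMPLE_LOG = [
    '192.0.2.10 - - [11/May/2002:19:01:02 +0200] "GET /cgi-bin/search.cgi?q=query HTTP/1.0" 200 5120',
    '192.0.2.77 - - [11/May/2002:19:03:40 +0200] "GET /cgi-bin/search.cgi?q=' + "A" * 4000 + ' HTTP/1.0" 500 0',
    '192.0.2.10 - - [11/May/2002:19:04:11 +0200] "GET /index.html HTTP/1.0" 200 812',
]

if __name__ == "__main__":
    for client, when, status, qlen in oversized_queries(SAMPLE_LOG):
        print(f"{when} {client} status={status} q_length={qlen}")
```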