[18448] in bugtraq
Re: Vulnerabilities in Informix Webdriver
daemon@ATHENA.MIT.EDU (isno)
Fri Jan 5 15:55:57 2001
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-Id: <20010105082829.EAA1B24C45F@lists.securityfocus.com>
Date: Thu, 4 Jan 2001 15:53:27 +0800
Reply-To: isno@sina.com
From: isno <isno@SINA.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
As John Wright mentioned "everything quoted is examples of a default install where
no configuration has been done." It is like what I said,this vulnerability is DEFAULT
installation,and the symlink vulnerability is the same default configuration.
I installed Informix Webdriver v3.0 on my SunOS 5.6 box,the web server is
APACHE 1.3.9.And I do not any configuration,let it run with all default configuration.
When I type URL I found the vulnerability.
Webdriver make /tmp/.log with permissions -rw-rw-rw- when it was under Debug
running ,but it is the default configuration.Because I only install the webdriver,
I do NOT any configuration works.
Good Luck!!!
isno(isno@etang.com)
