(ePerl is an embedded Perl interpreter for HTTP servers)

* Description: Incorrect handling of ISINDEX queries (command line argument) when ePerl runs as an nph-cgi/cgi.

* Cause: According to the CGI/1.1 specification, the HTTP server executes CGIs passing the ISINDEX field as a command line argument. When ePerl runs and gets this argument (argc > 1), it fails to set MODE_CGI, then tries to open the argument for parsing/executing. This can lead to arbitrary Perl code being executed on the server.

* Example: http://foo.com/some/dir/doit.phtml?/home/ftp/incoming/executemycode.phtml

+----------------------------------------------------------------------+
| Tiago Luz Pinto                                      tiagoat_private |
|                                                                      |
| Network Administrator - Department of Production Engineering         |
| Federal University of Santa Catarina - Brazil                        |
+----------------------------------------------------------------------+
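The mode decision described under "Cause", next to a hardened form, as an added example that is not ePerl's own source. It assumes the interpreter detects CGI through the standard GATEWAY_INTERFACE variable and takes its script from PATH_TRANSLATED, both passed in as parameters here; MODE_FILTER, the function names and the document path are hypothetical.

```c
#include <stdio.h>

enum mode { MODE_FILTER, MODE_CGI };  /* MODE_FILTER is a hypothetical name */

struct decision {
    enum mode mode;
    const char *script;               /* file that gets parsed and executed */
};

/* Behaviour the advisory describes: any argument is taken as the file. */
struct decision decide_vulnerable(int argc, char **argv,
                                  const char *gateway, const char *translated)
{
    struct decision d = { MODE_FILTER, NULL };
    if (argc > 1) {                   /* ISINDEX text arrives here under CGI */
        d.script = argv[1];
        return d;
    }
    if (gateway != NULL && gateway[0] != '\0') {
        d.mode = MODE_CGI;
        d.script = translated;
    }
    return d;
}

/* Hardened: a CGI environment decides the mode; argv is never a path there. */
struct decision decide_hardened(int argc, char **argv,
                                const char *gateway, const char *translated)
{
    struct decision d = { MODE_FILTER, NULL };
    if (gateway != NULL && gateway[0] != '\0') {
        d.mode = MODE_CGI;
        d.script = translated;        /* path the server resolved itself */
        return d;
    }
    if (argc > 1)
        d.script = argv[1];           /* local command-line use only */
    return d;
}

int main(void)
{
    /* Constructed request: the argument from the advisory's example URL. */
    char *av[] = { "eperl", "/home/ftp/incoming/executemycode.phtml", NULL };
    const char *doc = "/www/some/dir/doit.phtml";   /* constructed path */
    printf("vulnerable: %s\n", decide_vulnerable(2, av, "CGI/1.1", doc).script);
    printf("hardened:   %s\n", decide_hardened(2, av, "CGI/1.1", doc).script);
    return 0;
}
```

With the CGI environment present, the hardened function ignores the argument and keeps the server-resolved document; the argument is honoured only when no CGI environment exists.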
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:02:16 PDT