WWW Authorization Gateway

From: Albert Nubdy (formatezat_private)
Date: Wed Jul 08 1998 - 17:08:49 PDT

Next message: Matt Conover: "Re: Sun libnsl lameness"

Previous message: Pavel Kankovsky: "Re: Linux kernel filesystem oddities"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----


Hello,


    I have discovered a problem in the WWW Authorization Gateway 0.1
By Ray Chan  From West's Perl Archive. This CGI Lets users grant or
deny access tosome pages. You can Execute any command you please with
it.
That is because of this little line: "$info = `grep $DATA{"user"}
$passurl`;".

To exploit You would just have to put:
"| any command you would like" as a Username and any password.


                                                FormateZ


-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.5.3i for non-commercial use <http://www.pgpi.com>

iQA/AwUBNaQxceUnuPHnmgTPEQL1fACaAr/WMae2qu78PwrG9orZNc4jvCEAoO3R
FC/KpjgPjJrHSSyhVPSe6w87
=hyj4
-----END PGP SIGNATURE-----

Next message: Matt Conover: "Re: Sun libnsl lameness"
Previous message: Pavel Kankovsky: "Re: Linux kernel filesystem oddities"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:02:34 PDT