PATCH: faxsurvey

From: Tom (dodat_private)
Date: Tue Aug 04 1998 - 07:43:42 PDT

Next message: Tom: "remote exploit in faxsurvey cgi-script"

Previous message: Peter Jeremy: "Re: A way to prevent buffer overflow exploits?"
Next in thread: Sir Syko: "Re: PATCH: faxsurvey"
Reply: Sir Syko: "Re: PATCH: faxsurvey"
Reply: Illuminatus Primus: "Re: PATCH: faxsurvey"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi.

Here comes the patch for the 'faxsurvey' cgi-script.
The problem is the quotation marks for the 'eval' command.
Will they ever learn?

Don't forget to remove/chown 'faxsurvey.orig' after patching.

Cheers
        Tom

--- faxsurvey.orig      Mon Dec  1 01:05:47 1997
+++ faxsurvey   Fri Jul 31 11:59:21 1998
@@ -44,7 +44,7 @@
 #
 # Be careful here.
 #
-eval `$ECHO "$QUERY_STRING" | $UNQUOTE -qn | $SED 's/PATH=[^;]*;//g'`
+eval "ECHO "$QUERY_STRING" | $UNQUOTE -qn | $SED 's/PATH=[^;]*;//g'"

 echoMail()
 {


[EOM]

Next message: Tom: "remote exploit in faxsurvey cgi-script"
Previous message: Peter Jeremy: "Re: A way to prevent buffer overflow exploits?"
Next in thread: Sir Syko: "Re: PATCH: faxsurvey"
Reply: Sir Syko: "Re: PATCH: faxsurvey"
Reply: Illuminatus Primus: "Re: PATCH: faxsurvey"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:11:13 PDT