apache + .htpasswd - bypass pwd check

From: Hallberg Tom (tom.hallbergat_private)
Date: Thu Apr 25 2002 - 00:45:00 PDT

    Hi
    
    Yesterday I managed to bypass the pwd check when using .htpasswd. The problem
    now is that I'm not sure how to secure it.
    
    OK, let's say that user ivan has protected his /home/ivan/public_html/topsecret
    directory. And on the same server we have the user johan; from his public_html
    directory we make a symlink:
    
        ln -s /home/ivan/public_html/topsecret test
    
    OK, so then johan tries http://www.hostname.whatever/~johan/test and
    he will end up in ivan's topsecret directory.
    
    So what have I missed in my httpd.conf or something else? :)
    
    thanx
    /Tom
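
An added example, not part of the original post: a Python audit that walks a web root such as a user's public_html and reports symlinks whose target belongs to a different user than the link, as with johan's `test` link pointing into ivan's directory. It applies the same ownership rule Apache enforces when a directory uses `Options SymLinksIfOwnerMatch` instead of `FollowSymLinks`; the function name and the demo tree are constructed for illustration.

```python
import os
import tempfile


def cross_owner_symlinks(web_root):
    """Return (link, resolved_target, link_uid, target_uid) for every symlink
    under web_root whose target is owned by a different uid than the link."""
    findings = []
    # followlinks=False: symlinked directories are listed but never descended.
    for dirpath, dirnames, filenames in os.walk(web_root, followlinks=False):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            if not os.path.islink(path):
                continue
            link_uid = os.lstat(path).st_uid        # owner of the link itself
            try:
                target_uid = os.stat(path).st_uid   # owner of what it resolves to
            except OSError:
                continue                            # dangling or unreadable target
            if link_uid != target_uid:
                findings.append(
                    (path, os.path.realpath(path), link_uid, target_uid))
    return findings


if __name__ == "__main__":
    # Constructed demo tree: one link to our own file, one link to "/",
    # which normally belongs to root and so is reported for non-root users.
    with tempfile.TemporaryDirectory() as web_root:
        own_file = os.path.join(web_root, "index.html")
        open(own_file, "w").close()
        os.symlink(own_file, os.path.join(web_root, "same_owner"))
        os.symlink("/", os.path.join(web_root, "test"))
        for link, target, link_uid, target_uid in cross_owner_symlinks(web_root):
            print(f"{link} -> {target} (link uid {link_uid}, "
                  f"target uid {target_uid})")
```

Run it as root over each user's web root so that targets inside other users' directories can be stat'ed; targets that cannot be read are skipped, not reported.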
    


