RE: apache + .htpasswd - bypass pwd check

From: Golden_Eternity (bhodi_jabirat_private)
Date: Thu Apr 25 2002 - 09:17:12 PDT

    You need to turn off FollowSymLinks in the */public_html/ directories.
    
    > -----Original Message-----
    > From: Hallberg Tom [mailto:tom.hallbergat_private]
    > Sent: Thursday, April 25, 2002 12:45 AM
    > To: bugtraqat_private
    > Cc: vuln-dev@security-focus.com
    > Subject: apache + .htpasswd - bypass pwd check
    > 
    > 
    > Hi
    > 
    > yesterday I managed to bypass the pwd check when using .htpasswd.
    > The problem now is that I'm not sure how to secure it.
    > 
    > Okay, let's say that user ivan has protected his
    > /home/ivan/public_html/topsecret
    > directory. And on the same server we have the user johan; from
    > his public_html
    > directory we make a symlink: ln -s /home/ivan/public_html/topsecret test
    > okay, so then johan tries http://www.hostname.whatever/~johan/test
    > and he will end up in ivan's topsecret directory..
    > 
    > So what have I missed in my httpd.conf or something else? :)
    > 
    > thanx
    > /Tom
    > 
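As an added illustration (not part of Tom's or Golden_Eternity's mails), here is the httpd.conf shape that matches the advice above, with the permissive setting shown beside the hardened one. The paths are the ones from Tom's mail; SymLinksIfOwnerMatch is an alternative I am adding, not something the thread itself mentions.

```apache
# Added example, not from this thread. Per-user web directories as in
# Tom's description (/home/<user>/public_html served as /~<user>/).
UserDir public_html

# Weak (and the effective default, since Options defaults to All):
# every symlink under a user's public_html is followed, so the link
# johan creates to /home/ivan/public_html/topsecret is served as
# /~johan/test, where ivan's .htaccess/.htpasswd never applies.
#<Directory /home/*/public_html>
#    Options Indexes FollowSymLinks
#    AllowOverride AuthConfig Options
#</Directory>

# Hardened: SymLinksIfOwnerMatch follows a link only when the link and
# its target have the same owner, so johan's link into ivan's tree is
# refused with 403 while a user's links within their own tree still
# work. "Options" is also removed from AllowOverride; otherwise a user
# could put "Options +FollowSymLinks" in their own .htaccess and undo
# this. Use "-FollowSymLinks" alone if no user links should be followed.
<Directory /home/*/public_html>
    Options Indexes SymLinksIfOwnerMatch
    AllowOverride AuthConfig Limit
</Directory>
```

Whichever variant is chosen, check that no later <Directory> or .htaccess re-enables FollowSymLinks, since Options directives merge and the most specific scope wins.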
    



    This archive was generated by hypermail 2b30 : Fri Apr 26 2002 - 08:39:54 PDT