Bug in Eupload

From: [Zero_Byte] (zero_byteat_private)
Date: Tue Jul 30 2002 - 16:16:44 PDT

Next message: Steven M. Christey: "Directory traversal vulnerability in sendform.cgi"

Previous message: Mike Porter: "Re: VNC authentication weakness"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

People,
       Hi! I found a bug in the Eupload CGI, and I written a little
       paper with the explanation, explotation and solution.
       In fact everything would be solved with making chmod "0", but in
       the 90% it is not used; reason why it is easily exploitable.

       I hope they enjoy it.

       P.S: I apologize for my poor English; I am Argentinean and
       I don't use it very well.


Greetings
            Zero_Byte    mailto:zero_byteat_private

------------------------------------
[Zero_Byte] zerobyteat_private
El Agujero Negro. Secretos en la red.
  ==> http://agujero.com <==
------------------------------------
http://listas.agujero.com/lista/oscuro/alta
SUSCRIBETE!

text/plain attachment: Bug_in_Eupload.txt

Next message: Steven M. Christey: "Directory traversal vulnerability in sendform.cgi"
Previous message: Mike Porter: "Re: VNC authentication weakness"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Jul 30 2002 - 21:37:02 PDT