MondoSearch show the source of all files

From: thefastkid (thefastkidat_private)
Date: Thu Oct 10 2002 - 11:09:35 PDT

Next message: Jedi/Sector One: "Multiple vulnerabilities in phpRank"

Previous message: 3APA3A: "nylon 0.2 (0.3?) DoS"
Next in thread: Orp 664: "Re: MondoSearch show the source of all files"
Reply: Orp 664: "Re: MondoSearch show the source of all files"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

('binary' encoding is not supported, stored as-is) MondoSearch show the source of all files -------------------------------------------- Affected Program: MondoSearch 4.4 (possibly earlier versions too, but not tested) Vendor: http://www.mondosoft.com Vendor Status: not informed yet Discovery Date: 10 oct 2002 Problem ------- You can see the source of the files, who are in the same directory and subdirectories Example ------- http://www.foo/cgi-bin2/MsmMask.exe?mask=/ foo.asp ..to see the source of foo.asp in the root dir Solutions --------- * The program have to check if is real .cfg file

Next message: Jedi/Sector One: "Multiple vulnerabilities in phpRank"
Previous message: 3APA3A: "nylon 0.2 (0.3?) DoS"
Next in thread: Orp 664: "Re: MondoSearch show the source of all files"
Reply: Orp 664: "Re: MondoSearch show the source of all files"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Oct 10 2002 - 12:04:07 PDT