Re: Openwebmail 1.71 remote root compromise

From: Stephan Sachweh (Stephan.Sachwehat_private)
Date: Sun Dec 22 2002 - 16:29:50 PST


    On 18.12.2002 18:37:59 Dmitry Guyvoronsky wrote: 
    
    > Software : Openwebmail (http://openwebmail.org)
    > Version  : ?.?? -> 1.71 (current)
    > Type     : Arbitrary commands execution
    > Remote   : yes
    > Root     : yes (!!!)
    > Date     : December 18, 2002
    
    
    > IV. RECOMMENDATIONS
    > 
    > Temporarily disable use of openwebmail until a patch is released by the
    > vendor,
    > or fix openwebmail-shared.pl, changing
    > 
    > ---
    > $loginname =~ s/\-session\-0.*$//; # Grab loginname from sessionid
    > ---
    > 
    > into
    > 
    > ---
    > $loginname =~ s/\-session\-0.*$//; # Grab loginname from sessionid
    > $loginname =~ s/[\.\/\;\|\'\"\`\&]//g;
    > ---
    
    This fix does not work if loginname includes the internet domain name (the
    dots disappear).
    
    Change into:
    $loginname =~ s/\-session\-0.*$//; # Grab loginname from sessionid
    $loginname =~ s/[\/\;\|\'\"\`\&]//g;
    $loginname =~ s/\.\.//g;
    
    Kind regards / Best Regards
    
    Stephan Sachweh
    Head of Security Operations
    --------------------------------------------------------------------
    //// pallas / A Member of the ExperTeam Group
    Pallas GmbH / Emil-Figge-Str. 85 / 44227 Dortmund / Germany
    Stephan.Sachwehat_private / www.pallas.com
    Tel +49-231-9704-221 / Fax +49-231-9704-609 / Mobile +49-173-5490754
    --------------------------------------------------------------------
    
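The two filters quoted above are Perl one-liners; the following is an added example (editorial, not code from the advisory, from Stephan Sachweh, or from the Openwebmail project) that re-implements both substitutions with equivalent Python regular expressions and runs them over constructed session IDs, so the difference can be seen directly: the advisory's filter deletes every dot and so mangles a login name such as alice@example.com, while the variant posted here keeps the dots and only removes ".." pairs. Because the ".." removal is a single global pass, a run of n dots is reduced to n mod 2 dots, so no ".." can survive it. A third function, allowlist_filter, is an editorial alternative and an assumption about what a login name should look like, not something the thread proposes: it rejects any name that is not made of plain login-name characters instead of trying to strip bad ones.

```python
import re

# Constructed sample session IDs (not taken from the advisory), in the
# "<loginname>-session-0.<random>" shape the quoted Perl code expects.
SAMPLES = {
    "plain":     "alice-session-0.1234567",
    "domain":    "alice@example.com-session-0.1234567",
    "traversal": "../../etc/passwd-session-0.1234567",
    "shell":     "alice;id|cat-session-0.1234567",
}


def strip_session_suffix(sessionid):
    """Equivalent of  $loginname =~ s/\\-session\\-0.*$//;"""
    return re.sub(r"-session-0.*$", "", sessionid)


def advisory_filter(sessionid):
    """Filter from the quoted advisory (Dmitry Guyvoronsky):
         $loginname =~ s/[\\.\\/\\;\\|\\'\\"\\`\\&]//g;
    Deletes . / ; | ' " ` &  -- including every dot, which is what
    breaks login names that carry a domain part."""
    loginname = strip_session_suffix(sessionid)
    return re.sub(r"[./;|'\"`&]", "", loginname)


def sachweh_filter(sessionid):
    """Variant posted in this reply:
         $loginname =~ s/[\\/\\;\\|\\'\\"\\`\\&]//g;
         $loginname =~ s/\\.\\.//g;
    Keeps single dots, deletes the shell metacharacters and the slash,
    then deletes every ".." pair in one global pass."""
    loginname = strip_session_suffix(sessionid)
    loginname = re.sub(r"[/;|'\"`&]", "", loginname)
    return re.sub(r"\.\.", "", loginname)


# Editorial alternative (an assumption about acceptable login names, not
# from the thread): accept only a conservative character set and reject
# the name outright instead of deleting characters from it.
_LOGIN_RE = re.compile(r"[A-Za-z0-9_][A-Za-z0-9_.@-]*")


def allowlist_filter(sessionid):
    """Return the login name if it is acceptable, otherwise None."""
    loginname = strip_session_suffix(sessionid)
    if not _LOGIN_RE.fullmatch(loginname):
        return None
    if ".." in loginname:
        return None
    return loginname


if __name__ == "__main__":
    for label, sid in SAMPLES.items():
        print(f"{label:10} advisory={advisory_filter(sid)!r:22} "
              f"sachweh={sachweh_filter(sid)!r:22} "
              f"allowlist={allowlist_filter(sid)!r}")
```

Running the block prints one line per sample; the "domain" line shows the advisory filter turning alice@example.com into alice@examplecom while the other two keep it intact, and the "traversal" line shows all three refusing to yield a path component containing "..".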



    This archive was generated by hypermail 2b30 : Tue Dec 24 2002 - 01:23:54 PST