Re: 3 pigs building web servers? hacker wolf?

• Previous message: securenetworkat_private: "Orlando FL InfraGard meeting"
• In reply to: Robert Shea: "3 pigs building web servers? hacker wolf?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

BrickServer thttpd vulns:

1.) Viewing files:
    /cgi-bin/ssi/filetoview
    ( Can't break webroot if chroot is enabled )

2.) Directory Listings:
     /%2f
    ( Can't break webroot if chroot is enabled )

Riley Hassell
Network Penetration Specialist
eEye Digital Security

Get up...
and light the world on fire.


----- Original Message ----- 
From: "Robert Shea" <robert.sheaat_private>
To: <pen-testat_private>
Sent: Monday, June 18, 2001 3:22 PM
Subject: 3 pigs building web servers? hacker wolf?


> Is anyone at all familiar with the BrickServer system?
> (http://brickserver.com/) I have looked over their site and the whole
> thing looks pretty questionable, but a new client of ours runs it. I
> have only been able to find the thttp DOS issue.
> 
> thank you,
> robert
> 
> 

• Next message: IUSR_MAIL: "Linksys Pen Test"
• Previous message: securenetworkat_private: "Orlando FL InfraGard meeting"
• In reply to: Robert Shea: "3 pigs building web servers? hacker wolf?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Jun 19 2001 - 14:45:55 PDT