Bugtraq mailing list archives
FW: Security Notice: Big Brother 1.09b/c
From: sean () WWW MACLAWRAN CA (Sean MacGuire)
Date: Mon, 26 Apr 1999 06:49:59 -0400
http://www.maclawran.ca/bb/ for more info on Big Brother. -----FW: <199904261049.GAA07967 () www maclawran ca>----- Date: Mon, 26 Apr 1999 06:49:59 -0400 (EDT) From: Sean MacGuire <sean () www maclawran ca> To: solo () dok org Subject: Security Notice: Big Brother 1.09b/c This notice concerns the Big Brother System and Network Monitor. We noticed you downloaded a version which could be affected by this problem so we wanted to tell you about it. If you have any questions or concerns, feel free to contact me at mailto:sean () maclawran ca. Sorry for any inconvenience. =========================== Big Brother Security Notice =========================== Versions: 1.09b and 1.09c Module: CGI History module (web/bb-hist.sh) Affects: Anyone who's installed the new history viewer bb-hist.sh as a CGI program. Summary: Exploiting the problem could allow the partial display of local files provided they are readable by your web server, and text-based. Fix: Please pick up a new version of the bb-hist.sh file at: http://maclawran.ca/bb-dnld/bb-hist.sh Found by: Michael Smith <michael () csuite ns ca> Thanks Michael. I've also updated the archive to be 1.09d (this is the only change). -- Sean MacGuire, Reality Engineer sean () MacLawran ca The Big Brother Ministry of Truth http://maclawran.ca/sean icbm --> 45'31.06N-73'35.19W +1 514 982 9688 "Looking down the barrel of another day" --------------End of forwarded message-------------------------
Current thread:
- FW: Security Notice: Big Brother 1.09b/c Sean MacGuire (Apr 26)