Bugtraq mailing list archives
Re: Discus advisory.
From: hhp () NS SUSPEND NET (Elaich Of Hhp)
Date: Thu, 29 Apr 1999 19:50:34 -0400
On Wed, 28 Apr 1999, Ian R. Justman wrote:
Showed this to my boss because one of our customers (one whose account we are currently reviewing) runs this script. If this is running under Linux, FreeBSD or any system with a decent shadow password system or something similar AND a sanely-configured web server, e.g. with CGIwrap, any internal wrappering which runs scripts as the owner of the script like any later version of Apache with the integrated setuid wrapper, or at the very least just outright running scripts as an arbitrary unprivileged user, there is no problem. You can't read /etc/shadow|/etc/master.passwd|/etc/whatever if you're not a privileged user. ;) --Ian.
Well, I never said that /etc/shadow, /etc/passwd etc. were readable, and the stuff you stated above is not the problem here. The software creates the directory with 666 perms. In that directory there is a users.txt and an admin.txt which both contain crypt(3) passwds.

Here is one of the simple replies I have received.

- Date: Mon, 26 Apr 1999 09:32:23 -0400
- From: mwerneburg () stardata ca
- To: hhp () hhp hemp net
- Subject: Re: Discus advisory.
-
- Good post. I'm administering a discus installation and was appalled to
- see files like passwd.txt with 666 perms. Thanks for the heads-up!

-elaich

-----------------------------------------
elaich of the hhp. hhp-1999(c)
Email: hhp () hemp net
Web: http://hhp.hemp.net/
Voice: 1-800-Rag-on-gH pin: The-hhp-crew
hhp-ms: hhp.hemp.net, port:7777, pass:hhp
-----------------------------------------
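The check an administrator would want after reading this thread, as an added example written for this page (it is not Discus code and not from either poster): walk a board's data directory, flag every file or directory that is readable or writable by "other", count the lines in each flagged file that have the user:crypt(3)-hash shape, and then tighten everything to owner-only. The directory layout, file names and hash strings in demo() are constructed for the example and are not real Discus data or real hashes.

```python
"""Audit a Discus-style data directory for world-accessible files that hold
crypt(3) password hashes, then tighten the modes.  Added example for this
thread; not Discus code.  File names, layout and hash strings are constructed."""
import os
import re
import stat
import tempfile

# Traditional DES crypt(3) output: 2 salt chars + 11 hash chars, all drawn
# from the 64-character set [./0-9A-Za-z].  Lines look like "user:hash".
CRYPT3_RE = re.compile(r'^[^:\s]+:[./0-9A-Za-z]{13}(?::|$)')


def world_access(path):
    """Return the 'other' permission bits a path grants, as a subset of {'r','w','x'}."""
    mode = os.stat(path).st_mode
    bits = set()
    if mode & stat.S_IROTH:
        bits.add('r')
    if mode & stat.S_IWOTH:
        bits.add('w')
    if mode & stat.S_IXOTH:
        bits.add('x')
    return bits


def count_crypt_lines(path):
    """Count lines in a text file that have the user:crypt(3)-hash shape."""
    with open(path, 'r', errors='replace') as fh:
        return sum(1 for line in fh if CRYPT3_RE.match(line.strip()))


def audit(top):
    """Walk `top`; report every file or directory that is world-readable or
    world-writable as (relative path, other-bits, crypt(3)-looking lines)."""
    findings = []
    for root, dirs, files in os.walk(top):
        for name in dirs + files:
            path = os.path.join(root, name)
            bits = world_access(path)
            if not bits & {'r', 'w'}:
                continue
            hashes = count_crypt_lines(path) if os.path.isfile(path) else 0
            findings.append((os.path.relpath(path, top), ''.join(sorted(bits)), hashes))
    return sorted(findings)


def harden(top):
    """Make everything under `top` owner-only (dirs 0700, files 0600); return count changed."""
    changed = 0
    for root, dirs, files in os.walk(top):
        for name in dirs:
            os.chmod(os.path.join(root, name), 0o700)
            changed += 1
        for name in files:
            os.chmod(os.path.join(root, name), 0o600)
            changed += 1
    return changed


def demo():
    """Build a constructed Discus-like tree, audit it, harden it, audit again."""
    with tempfile.TemporaryDirectory() as top:
        def put(rel, text, mode):
            path = os.path.join(top, rel)
            with open(path, 'w') as fh:
                fh.write(text)
            os.chmod(path, mode)

        os.mkdir(os.path.join(top, 'messages'))
        os.chmod(os.path.join(top, 'messages'), 0o777)   # world-writable directory
        # Hash strings below are constructed to match the crypt(3) shape; not real hashes.
        put('users.txt', '# discus users\nalice:ab7gnSbEMwuLs\nbob:XyZ12345abcde\n', 0o666)
        put(os.path.join('messages', 'admin.txt'), 'admin:q1w2e3r4t5y6u\n', 0o644)
        put('README', 'board settings\n', 0o600)       # already owner-only: must not be flagged

        before = audit(top)
        changed = harden(top)
        after = audit(top)
        return before, changed, after


if __name__ == '__main__':
    before, changed, after = demo()
    for rel, bits, hashes in before:
        print('world-%s  %-22s crypt(3) lines: %d' % (bits, rel, hashes))
    print('chmod applied to %d paths; remaining findings: %r' % (changed, after))
```

Owner-only modes are the right fix only in the setup Ian describes, where the CGI runs as the file owner (CGIwrap or Apache's setuid wrapper, suexec). When the web server runs every script as one shared unprivileged user, the password files must be owned and readable by that user, so any other customer's script on the same host can still read them; there the files also need to move out of the document root and off the shared uid.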