Bugtraq mailing list archives
Re: Ultimate Bulletin Board v5.3x? Bug
From: rfp () WIRETRIP NET (.rain.forest.puppy.)
Date: Tue, 30 Nov 1999 20:29:44 -0600
> There seems to be a bug with the UBB under NT
Actually, I would say the bug was a poor choice of extension on UBB's part. On NT, you most likely have mapped the .cgi extension to invoke perl to handle the script; so when you request 000001.cgi, perl is actually running and trying to read it. This is actually similar to the %20.pl bug published, wow, like a year ago? More than that? I remember Mr. Cooper over on his list talking about it. The reason why Apache/unix gives you a 500 error is lack of the shebang (#!/path/to/interpreter) line at the beginning, and also because the script doesn't return proper headers. If Apache was just as lax as IIS, you would get the same result. Granted, since those files contain passwords, they shouldn't even be readable by the webserver, but it's a catch-22. And the fact that they contain plaintext passwords is unnerving.
> How to fix? Change the members path to something more like xvc83nx9wy4nd0w74m3. That will solve it.
Until someone guesses the path. Security through obscurity. It won't hurt, but don't put faith in the "that will solve it" spiel.

- rain forest puppy
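An added audit example, not part of the original post and not UBB code: it walks a web root and flags files that carry an interpreter-mapped extension but have no shebang line, which is the shape of the member files discussed above. The extension list, directory layout and file contents are constructed assumptions, and the shebang test is only a heuristic, since scripts served from NT do not need one.

```python
import os
import tempfile

# Extensions assumed to be mapped to an interpreter by the web server.
SCRIPT_EXTENSIONS = {".cgi", ".pl"}

def has_shebang(path):
    """True if the file starts with '#!', i.e. looks like a real script."""
    with open(path, "rb") as fh:
        return fh.read(2) == b"#!"

def find_data_files_with_script_ext(web_root):
    """Return paths (relative to web_root) of files that have a script
    extension but no shebang line: likely data stored under a name the
    server will hand to an interpreter."""
    findings = []
    for dirpath, _dirs, files in os.walk(web_root):
        for name in files:
            if os.path.splitext(name)[1].lower() not in SCRIPT_EXTENSIONS:
                continue
            full = os.path.join(dirpath, name)
            if not has_shebang(full):
                rel = os.path.relpath(full, web_root)
                findings.append(rel.replace(os.sep, "/"))
    return sorted(findings)

def build_sample_tree(root):
    """Constructed sample layout; names and contents are made up."""
    os.makedirs(os.path.join(root, "cgi-bin"))
    os.makedirs(os.path.join(root, "members"))
    samples = {
        "cgi-bin/board.cgi": "#!/usr/bin/perl\nprint \"Content-type: text/html\\n\\n\";\n",
        "members/000001.cgi": "exampleuser\nexample-password\n",
        "members/readme.txt": "not a script extension\n",
    }
    for rel, body in samples.items():
        with open(os.path.join(root, rel), "w") as fh:
            fh.write(body)

def demo():
    """Build the sample tree in a temp directory and audit it."""
    with tempfile.TemporaryDirectory() as root:
        build_sample_tree(root)
        return find_data_files_with_script_ext(root)

if __name__ == "__main__":
    for path in demo():
        print("data file with script extension:", path)
```

Anything this reports is a candidate for moving outside the document root rather than renaming the directory that holds it.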