Bugtraq mailing list archives
webplus security hole
From: TalentSoft.Support () EXCHANGE TALENTSOFT COM (TalentSoft.Support)
Date: Thu, 13 Apr 2000 15:31:18 -0500
This email is sent to advise all users of webplus having a build prior to 512 that there has been a reported security problem. In the url, if running webplus as the user 'root', it is possible to use the '..' command to traverse directories on the server. This technique can be used to view proprietary files on the web server. This problem has been corrected in builds of webplus after 512. For those who need the upgraded binary, you can either contact support () talentsoft com for a link to the patch, or obtain the patch from the web site (www.talentsoft.com). The security advisory section of the web site is currently under construction, but should be completed very soon. Thank You Technical Support talentsoft
Current thread:
- Re: IMAIL (Ipswitch) DoS with Eudora (Qualcomm) Jeff Beckley (Apr 06)
- Re: IMAIL (Ipswitch) DoS with Eudora (Qualcomm) Anthony Santen (Apr 06)
- A funny way to DOS pcANYWHERE8.0 and 9.0 Frankie Zie (Apr 09)
- Building a Bastion Host Using HP-UX 11 Kevin Steves (Apr 10)
- BeOS syscall bug Konstantin Boldyshev (Apr 10)
- Re: A funny way to DOS pcANYWHERE8.0 and 9.0 Christopher Schulte (Apr 10)
- Re: A funny way to DOS pcANYWHERE8.0 and 9.0 Ken Eaton (Apr 10)
- Re: A funny way to DOS pcANYWHERE8.0 and 9.0 Alesh Mustar (Apr 13)
- webplus security hole TalentSoft.Support (Apr 13)
- Re: A funny way to DOS pcANYWHERE8.0 and 9.0 Christopher Schulte (Apr 13)
- FreeBSD Security Advisory: FreeBSD-SA-00:11.ircii FreeBSD Security Officer (Apr 10)
- Re: FreeBSD Security Advisory: FreeBSD-SA-00:11.ircii matthew green (Apr 10)
- Re: FreeBSD Security Advisory: FreeBSD-SA-00:11.ircii Kris Kennaway (Apr 10)