Bugtraq mailing list archives
Re: REMOTE EXPLOIT IN ALL CURRENT VERSIONS OF BIG BROTHER- short fix
From: schleich () CGOCABLE NET (Jake Schleich)
Date: Tue, 11 Jul 2000 16:51:38 -0400
Just a note on the new bug in the hostsvc cgi. I found that by just downloading the new 1.4h2 and running the bbconfig and filling in the variables, it overwrote the offending file without me having to reinstall the entire thing; a pain when it comes to reconfiguring. It asks which files it will overwrite in the cgi-bin, you just say no to the custom ones (if you have replaced a few of the default bb cgi's with /ext released versions as I have) and replace the offending file(s).

So in short, the bbconfig script will fix the problem without a rebuild. The hole appears to be patched on my server now (I already had the 1.4h release; I can't say this will work if you are using an older version). This may be a short way for bb users to fix the problem rather than a full install; it doesn't appear it is required, and no other changes appear to be in the release to benefit from a fresh install.

Jake Schleich
Unix Administrator - Internet Systems Department
Cogeco@home - CGOcable.net
(905) 333-7085 (schleich () cgocable net)

<cut>
The problem exists in the code where $HOSTSVC does not do authenticity checking for its assigned variable.

---- snip ----
# get the color of the status from the status file
set `$CAT "$BBLOGS/$HOSTSVC" | $HEAD -1` >/dev/null 2>&1
BKG="$1"
---- snap ----

e.g. http://www.bb4.com/cgi-bin/bb-hostsvc.sh?HOSTSVC=/../../../../../../../../etc/passwd

BB4 Technologies has already been notified and a patch is already out. It can be downloaded from http://www.bb4.com/download.html
</cut>
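The check the quoted advisory says is missing on $HOSTSVC, as an added example that is not part of the original post, the advisory, or the Big Brother patch. The function names valid_hostsvc and status_color are hypothetical, and the allowed filename characters and the colour list are assumptions about what a status file looks like.

```shell
#!/bin/sh
# Added example (not Big Brother code). valid_hostsvc and status_color are
# hypothetical names; the allowed characters and colour list are assumptions.

# valid_hostsvc VALUE: succeed only for a bare status-file name.
valid_hostsvc() {
    case "$1" in
        ''|.*|*/*|*..*) return 1 ;;        # empty, dotfile, slash, or ".."
        *[!A-Za-z0-9._,-]*) return 1 ;;    # outside the assumed charset
    esac
    return 0
}

# status_color LOGDIR VALUE: print the colour (first word of line 1).
# Returns 2 = bad name, 3 = not a regular file, 4 = unexpected content.
status_color() {
    logdir=$1
    name=$2
    valid_hostsvc "$name" || return 2
    file="$logdir/$name"
    # Refuse symlinks so a planted link cannot redirect the read.
    if [ ! -f "$file" ] || [ -L "$file" ]; then return 3; fi
    color=
    # read, unlike set `cat ...`, never glob-expands file contents.
    read -r color _rest < "$file" || [ -n "$color" ] || return 4
    case "$color" in
        green|yellow|red|purple|blue|clear) printf '%s\n' "$color" ;;
        *) return 4 ;;                     # never echo arbitrary file data
    esac
}

# Constructed demo: throwaway log directory with one status file.
demo_dir=$(mktemp -d)
printf 'green Tue Jul 11 16:51:38 2000 conn ok\n' > "$demo_dir/www,example,com.conn"
for v in 'www,example,com.conn' '/../../../../etc/passwd'; do
    if c=$(status_color "$demo_dir" "$v"); then
        echo "$v -> $c"
    else
        echo "$v -> rejected"
    fi
done
rm -rf "$demo_dir"
```

The name check alone stops the traversal; the symlink and colour checks are defence in depth so that the script never reflects the contents of a file that is not a status file.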