Bugtraq mailing list archives
ROADS search system "show files" Vulnerability with "null bite" bug
From: UkR-XblP <cuctema () OK RU>
Date: Mon, 12 Feb 2001 17:17:07 +0300
Name: ROADS search system "show files" Vulnerability with "null bite" bug Date: 29.01.2001 About: The search.pl program is a Common Gateway Interface (CGI) program used to provide an end user search front end to ROADS databases. When accessed with no CGI query, the program can return an HTML form to the user to fill in to make a query. This form can be designed by the SBIG Administrator and can include a number of options. The default form for this installation is held in the search directory under the ROADS config directory by http://www.roads.lut.ac.uk Problem: Through this bug you can see any files, bug works on every system were perl is installed. "%00" - means hex symbol of the end of the line, used in C,C++ and perl. Author: UkR-XblP Exploit: http://www.victim.com/ROADS/cgi-bin/search.pl?form=url_to_any_file%00 Get your free e-mail address at http://www.zmail.ru
Current thread:
- ROADS search system "show files" Vulnerability with "null bite" bug UkR-XblP (Feb 12)
- Re: ROADS search system "show files" Vulnerability with "null bite" bug Martin Hamilton (Feb 15)