Bugtraq mailing list archives
Re: Vulnerabilities in Informix Webdriver
From: John Wright <john () dryfish org>
Date: Thu, 4 Jan 2001 09:25:44 +0000
I missed the original post so I'm quoting Joshua Poulson instead. Basically, everything quoted is examples of a default install where no configuration has been done. On Wed, Jan 03, 2001 at 10:24:18AM -0800, Joshua R. Poulson wrote:
Webdriver is the web interface of the Informix database; I found it is vulnerable. In the common condition, webdriver is submitted with a parameter, but if you type http://victim/cgi-bin/webdriver directly, it will return a webpage on which you can modify or delete the database.
The above is a misconfiguration. webdriver has an easy-to-use configuration and the above is just the default for a particular set of configurations. With a proper setup the above URL would send you to a 404 Asset not found or a company home page or whatever.
The Web DataBlade manuals have a comment about leaving the AppPage Builder program running on a production database on page 11-4 of the Version 4.0 Administrator's Guide. "You should not install AppPage Builder (APB) in a Production Database, since APB is typically only used during development and can pose a security risk if present in a production database."
You can also set a read_level for a configuration and webdriver will check this against the read_level of an AppPage and will give a 403 Access not allowed if you do not have access.
Otherwise, webdriver will make a /tmp/.log file; its attributes are -rw-rw-rw. We can make a symlink and get the nobody privilege; although we are without root privilege, we can deface the website as nobody.
The only files created with a .log extension are debug logs. What version of the web driver are you using?
Logs can be enabled and disabled and moved and placed in secured locations on disk.
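The thread's second point is that a CGI writing a world-writable debug log under /tmp lets anyone who can plant a symlink there redirect that write to a file of their choosing. The following is an added example, not code from this thread or from Informix, showing how a program should open such a log so that a planted symlink is refused and the file is never created with group/other write bits. It assumes a POSIX system with O_NOFOLLOW and O_CLOEXEC (Linux or a BSD); the paths under /tmp/logdemo.XXXXXX and the file names are constructed for the demonstration only.

```c
/* Added example (not from the thread): hardened creation of a log file
 * that refuses to follow symlinks and is never created world-writable.
 * Assumes a POSIX system with O_NOFOLLOW and O_CLOEXEC. */
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Open (or create) `path` for appending log lines.
 * Returns a file descriptor >= 0 on success, -1 on refusal or failure.
 * Defences against the /tmp/.log scenario described in the thread:
 *  - O_NOFOLLOW: a symlink sitting at the path makes open() fail (ELOOP)
 *  - explicit umask plus mode 0600: the file is never -rw-rw-rw-
 *  - fstat after open: it must be a regular file, owned by us, with no
 *    group/other write bits, and not hard-linked to something else. */
int open_log_safely(const char *path)
{
    mode_t old = umask(077);
    int fd = open(path, O_WRONLY | O_APPEND | O_CREAT | O_NOFOLLOW | O_CLOEXEC, 0600);
    umask(old);
    if (fd < 0)
        return -1;

    struct stat st;
    if (fstat(fd, &st) != 0 ||
        !S_ISREG(st.st_mode) ||
        st.st_uid != geteuid() ||
        (st.st_mode & (S_IWGRP | S_IWOTH)) != 0 ||
        st.st_nlink != 1) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Scenario runner (constructed for this example): builds a scratch directory
 * holding a "victim" file and a symlink named .log that points at it, then
 * reports 1 if the hardened open refuses the symlink, accepts an honest log
 * file with mode 0600, and leaves the victim untouched; 0 otherwise. */
int demo_hardened_open(void)
{
    char dir[] = "/tmp/logdemo.XXXXXX";
    if (mkdtemp(dir) == NULL)
        return 0;

    char victim[256], link[256], good[256];
    snprintf(victim, sizeof victim, "%s/index.html", dir);
    snprintf(link, sizeof link, "%s/.log", dir);
    snprintf(good, sizeof good, "%s/webdriver.log", dir);

    /* the file an attacker would want the CGI to overwrite */
    FILE *f = fopen(victim, "w");
    if (!f)
        return 0;
    fputs("original page\n", f);   /* 14 bytes */
    fclose(f);

    int ok = 1;
    struct stat st;

    /* 1. a planted symlink at the log path must be refused */
    if (symlink(victim, link) != 0) ok = 0;
    if (open_log_safely(link) != -1) ok = 0;

    /* 2. a freshly created log file is accepted and ends up mode 0600 */
    int fd = open_log_safely(good);
    if (fd < 0 || fstat(fd, &st) != 0 || (st.st_mode & 0777) != 0600) ok = 0;
    if (fd >= 0) {
        if (write(fd, "hello\n", 6) != 6) ok = 0;
        close(fd);
    }

    /* 3. the victim file still has its original contents */
    if (stat(victim, &st) != 0 || st.st_size != 14) ok = 0;

    unlink(link); unlink(good); unlink(victim); rmdir(dir);
    return ok;
}

int main(void)
{
    printf("hardened log open behaves as intended: %s\n",
           demo_hardened_open() ? "yes" : "no");
    return 0;
}
```

The fstat check matters even with O_NOFOLLOW: it catches the case where the path already existed as a regular file created by someone else with loose permissions, which is exactly the state a default -rw-rw-rw- log leaves behind. Moving the log out of a shared directory such as /tmp into a directory writable only by the server user, as the thread recommends, removes the symlink race entirely; the checks above are the belt to go with that pair of braces.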
Current thread:
- Vulnerabilities in Informix Webdriver isno (Jan 02)
- Re: Vulnerabilities in Informix Webdriver Joshua R. Poulson (Jan 03)
- Re: Vulnerabilities in Informix Webdriver John Wright (Jan 04)
- Re: Vulnerabilities in Informix Webdriver Joel Michael (Jan 04)
- <Possible follow-ups>
- Re: Vulnerabilities in Informix Webdriver isno (Jan 05)
- Re: Vulnerabilities in Informix Webdriver Joshua R. Poulson (Jan 03)