Full Disclosure mailing list archives
A correction to "UNIRAS ALERT - 34/04"
From: Ulf Härnhammar <Ulf.Harnhammar.9485 () student uu se>
Date: Tue, 21 Sep 2004 17:58:42 +0200
----- Forwarded message from Ulf Härnhammar <Ulf.Harnhammar.9485 () student uu se> ----- Date: Thu, 16 Sep 2004 12:24:39 +0200 From: Ulf Härnhammar <Ulf.Harnhammar.9485 () student uu se> Reply To: Ulf Härnhammar <Ulf.Harnhammar.9485 () student uu se> Subject: A correction to "UNIRAS ALERT - 34/04" To: vulteam () niscc gov uk Hello, I think this paragraph from your alert 34/04 is misleading:
However for this vulnerability to be exploited, an attacker must first induce a normal user to install the malicious configuration files onto their servers before a exploit can take place.
In the scenario that I and SITIC have described, the attacker is the normal user. If Peter is a customer of MegaISP, which allows their users to configure their web pages with .htaccess files, Peter can hack MegaISP by storing malicious .htaccess files in his web space at MegaISP. Thus, there is no need for an attacker to induce a normal user to do anything. Please correct this. // Ulf Harnhammar ----- End of forwarded message ----- BTW, I wrote some more about this vulnerability in my Advogato blog. -- Ulf Harnhammar http://www.advogato.org/person/metaur/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- A correction to "UNIRAS ALERT - 34/04" Ulf Härnhammar (Sep 21)