Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web :: Adminware, Control Panels :: a1stat~1.htm

A1Stats CGI view files, overwrite files bug



Vulnerability

    A1Stats

Affected

    Anyone using a A1Stats that was downloaded before 24/04/01

Description

    nemesystm of the  DHC found following.   A1Stats is a  CGI package
    to track website traffic.   The package has a  view files bug  and
    also gives the possibility to overwrite existing files.

    To test these vulnerabilities, try the following:

        www.server.com/cgi-bin/a1stats/a1disp3.cgi?../../../../../../../etc/passwd
        www.server.com/cgi-bin/a1stats/a1disp4.cgi?../../../../../../../etc/passwd

    These two will give you /etc/passwd:

        www.server.com/cgi-bin/a1stats/a1disp2.cgi?../../../../../../../etc/passwd

    This will also give you /etc/passwd but it will show it in a  very
    mangled manner as the  CGI adds HTML tags  to what it thinks  is a
    file it created itself.

    One can also open a file and wreck its contents:

        http://localhost/cgi-bin/a1stats/a1disp.cgi?|echo%20>a1admin.txt|

    will  empty  a1admin.txt.   a1admin.txt  contains  the password to
    change settings of  the CGI.   When this file  is removed, no  one
    can log in anymore.

Solution

    Downloading the latest version will solve this problem.


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH