Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web :: Servers :: savant2.htm

Savant Web Server view CGI source bug



Vulnerability

    Savant Webserver

Affected

    Savant Webserver

Description

    Following  is  based  on  MDMA  Advisory  #5  by Andrew Lewis aka.
    Wizdumb.  It is possible to view the source of CGI scripts running
    under the Savant Webserver by omitting the HTTP version from  your
    request.  For  example, we connect  to port 80  of the server  and
    type "GET /cgi-bin/mdma.bat HTTP/1.0" followed by two enters,  and
    the results are as follows...

        HTTP/1.0 200 OK
        Pragma: no-cache
        Content-type: text/html
        Server: Savant

        phjeeeer

    However, if we just  type "GET /cgi-bin/mdma.bat" followed  by two
    enters, the results are as follows...

        @echo off
        rem CGI Script for demonstrating vulnerability
        echo phjeeeer

    Savant is also affected by the /con/con bug.

Solution

    The vendor has been contacted and a fix is in the pipeline.


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH