AOH :: Web BBS :: etc :: CGIFORUM.HTM

AOH :: Web BBS :: etc :: CGIFORUM.HTM
CGIForum 1.0 file/directory traversal vulnerability

Vulnerability

    CGIForum

Affected

    CGIForum 1.0

Description

    'zorgon' found following.  CGIForum is  a free forum.  We can  set
    'thesection' parameter to view files on the vulnerable system with
    privileges of the user "nobody".

    This is caused from OutputHTMLFile function in cgiforum.pl  script
    where $section (= $thesection )   isn't checked (never besides  in
    this script).

    e.g.:

        http://127.0.0.1/cgi-bin/cgiforum.pl?thesection=../../../../../../etc/passwd%00

Solution

    The author is informed.  Markus Triska has released a new  version
    of CGIForum:

        http://www.marcbrinkmann.de/inandonline/netz/CGIForum-1.01.tar.gz

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better). Site design & layout copyright © 1986-2009 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.