[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Cobalt Cube Webmail directory traversal (fwd)

Subject: Re: [cobalt-security] Cobalt Cube Webmail directory traversal (fwd)
From: "Steve Werby" <steve-lists@xxxxxxxxxxxx>
Date: Fri, 6 Jul 2001 14:41:41 -0400
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

"shimi" <shimi@xxxxxxxxxxxxxxxx> wrote:
> And in any case I am still correct... if a webserver has a server root, in
> no case the webserver shall send out a page on a directory upper than it's
> server root. That's only my opinion, though... (chroot was made for
> limiting software to the exact same thing)

And it's trivial for PHP to be configured to do the same.  See:
http://www.php.net/manual/en/configuration.php#ini.doc-root
http://www.php.net/manual/en/configuration.php#ini.open-basedir

And the exact exploit found by GTD was discussed in the last 2 days on
php-general under the thread "Security of PHP code".  Here's the first
message, follow the thread if you'd like.  It's probably a half dozen or
more messages before people post vulnerable URLs and code fixes.  Read the
whole thread b/c some of them aren't adequate.

--
Steve Werby
President, Befriend Internet Services LLC
http://www.befriend.com/

Follow-Ups:
- Re: [cobalt-security] Cobalt Cube Webmail directory traversal (fwd)
  - From: Steve Werby

References:
- Re: [cobalt-security] Cobalt Cube Webmail directory traversal (fwd)
  - From: shimi

Prev by Date: RE: [cobalt-security] UDP Scans
Next by Date: Re: [cobalt-security] Cobalt Cube Webmail directory traversal (fwd)
Previous by thread: Re: [cobalt-security] Cobalt Cube Webmail directory traversal (fwd)
Next by thread: Re: [cobalt-security] Cobalt Cube Webmail directory traversal (fwd)

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index