
Re: [cobalt-security] CGIWrap Update: Patched RaQ still has issues



At 02:58 AM 8/29/02 +0200, you wrote:

>Change the domain and the username below to one of your RaQs and see for yourself:
>
>http://www.victim.org/cgiwrapDir/cgiwrapd/~someone/<html><s>TEST</s>
>
>Reveals UID, GID of "someone", his home directory and some other errands.
>
>All by itself it isn't that big of a deal, but I could imagine a few scenarios 
>where this information might aid in an exploitation.

Hmm, I get nothing but 404 errors or CGIWrap
telling me it can't find the script file on my RaQ2.

Does that mean that the RaQ2 is not vulnerable
to this exploit?  (I did install the recently-announced patch.)

More likely it means that I'm not entering the URL correctly...
Am guessing at what to put in place of "cgiwrapDir".
Suggestions?

Thanks, Mr. Stauber, for sharing this info!

Dan Keller