[cobalt-security] QuickFIX:CGIWrap Update: Patched RaQ still has issues
- Subject: [cobalt-security] QuickFIX:CGIWrap Update: Patched RaQ still has issues
- From: "K-IM" <k-imaiz@xxxxxxxxxxxxxxxxx>
- Date: Fri, 30 Aug 2002 16:53:04 +0900
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hi all,
there are still Cross-Site-Scripting vulnerabilities
with the latest patched CGI-Wrapper on the RaQs.
Attackers can steal session cookies,
and can display fake information on the victim's browser.
Quick FIX: (My RaQ3)
__/__/__/__/__/__/__/__/__/__/__/
telnet www.domain.jp 23
Cobalt Linux release 5.0 (Pacifica)
Kernel 2.2.16C28_III on an i586
login: admin
Password: ********
Last login: Fri Aug 30 15:37:01 from www.domain.jp
*****************************************************************
* *
* Type 'pine' or 'mail' to read your email *
* *
* Type 'cd web' to access your personal web page *
* Type 'cd ../../web' to access the site web *
* Type 'cd ../../ftp' to access the anonymous FTP site *
* Type 'cd' to return to your home directory *
* *
* Type 'exit' to end this session *
* *
*****************************************************************
*****************************************************************
* *
* NOTICE TO ROOT USER: Changes to system files may affect *
* your warranty. Please consult your warranty card for details. *
* *
* http://www.cobalt.com *
* *
*****************************************************************
[admin@www admin]$ su -
Password:
*****************************************************************
* *
* NOTICE TO ROOT USER: Changes to system files may affect *
* your warranty. Please consult your warranty card for details. *
* *
* http://www.cobalt.com *
* *
*****************************************************************
[root@www /root]# find /usr/cgiwrap
/usr/cgiwrap
/usr/cgiwrap/cgiwrapd
/usr/cgiwrap/cgiwrap
/usr/cgiwrap/nph-cgiwrap
/usr/cgiwrap/nph-cgiwrapd
[root@www /root]# cd /usr/cgiwrap
[root@www cgiwrap]# ls -al
total 182
drwxr-xr-x 2 root root 1024 Aug 30 15:38 .
drwxr-xr-x 26 root root 1024 Jul 12 15:50 ..
-rwsr-xr-x 4 root root 44226 Jul 15 00:51 cgiwrap
-rwsr-xr-x 4 root root 44226 Jul 15 00:51 cgiwrapd
-rwsr-xr-x 4 root root 44226 Jul 15 00:51 nph-cgiwrap
-rwsr-xr-x 4 root root 44226 Jul 15 00:51 nph-cgiwrapd
[root@www cgiwrap]# rm cgiwrapd
[root@www cgiwrap]# rm nph-cgiwrapd
[root@www cgiwrap]# ls -al
total 92
drwxr-xr-x 2 root root 1024 Aug 30 15:42 .
drwxr-xr-x 26 root root 1024 Jul 12 15:50 ..
-rwsr-xr-x 2 root root 44226 Jul 15 00:51 cgiwrap
-rwsr-xr-x 2 root root 44226 Jul 15 00:51 nph-cgiwrap
[root@www cgiwrap]# exit
logout
[admin@www admin]$ exit
__/__/__/__/__/__/__/__/__/__/__/
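The session above removes the two debug variants of the wrapper by hand. The script below is an added example, not part of the original post or of the cgiwrap project: it audits a wrapper directory for those same two names (`cgiwrapd`, `nph-cgiwrapd`), reports whether each is still present and setuid, and deletes them only when explicitly asked. The directory argument is an assumption (the RaQ in the post uses `/usr/cgiwrap`); the list of names is exactly the pair the post removes.

```shell
#!/bin/sh
# Added audit helper (not from the original post). Checks a cgiwrap
# directory for the debug wrapper names the post deletes and removes
# them on request. Assumption: the wrapper directory is passed as $1;
# /usr/cgiwrap is the default because that is where the post finds them.

CGIWRAP_DEBUG_NAMES="cgiwrapd nph-cgiwrapd"

# Print each debug wrapper still present in DIR, one per line, noting
# whether the setuid bit is set. Returns 0 when none is present and
# 1 when at least one remains, so it can be used as a pass/fail check.
check_cgiwrap_debug() {
    dir="$1"
    found=0
    for name in $CGIWRAP_DEBUG_NAMES; do
        path="$dir/$name"
        if [ -e "$path" ]; then
            found=1
            if [ -u "$path" ]; then
                echo "$path: present, setuid"
            else
                echo "$path: present"
            fi
        fi
    done
    return $found
}

# Delete the debug wrappers from DIR. The non-debug cgiwrap and
# nph-cgiwrap entries are never touched. Returns 0 on success.
remove_cgiwrap_debug() {
    dir="$1"
    for name in $CGIWRAP_DEBUG_NAMES; do
        path="$dir/$name"
        if [ -e "$path" ]; then
            rm -f "$path" || return 1
            echo "removed $path"
        fi
    done
    return 0
}

# Stand-alone entry point: audit DIR (default /usr/cgiwrap) and remove
# the debug wrappers only when the second argument is the word "remove".
cgiwrap_debug_main() {
    dir="${1:-/usr/cgiwrap}"
    if check_cgiwrap_debug "$dir"; then
        echo "no cgiwrap debug wrappers in $dir"
        return 0
    fi
    if [ "$2" = "remove" ]; then
        remove_cgiwrap_debug "$dir"
    else
        echo "re-run with 'remove' as the second argument to delete them"
        return 1
    fi
}

# Only act when invoked with arguments, e.g.:
#   sh cgiwrap-audit.sh /usr/cgiwrap          (report only)
#   sh cgiwrap-audit.sh /usr/cgiwrap remove   (report and delete)
if [ $# -gt 0 ]; then
    cgiwrap_debug_main "$@"
fi
```

Note the link count in the post's `ls -al` output dropping from 4 to 2: all four entries are hard links to the same setuid binary, and cgiwrap chooses debug mode from the name it is invoked under, which is why removing just the two debug names is enough and leaves the working `cgiwrap` and `nph-cgiwrap` intact. Re-running the check after a vendor update is worthwhile, since a package reinstall can recreate the links.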