The OpenNET Project

[SAFER 000209.EXP.1.2] Zeus Web Server - obtaining source of CGI scripts


Date: Wed, 9 Feb 2000 01:56:03 +0700
From: Vanja Hrustic <vanja@relaygroup.com>
To: BUGTRAQ@SECURITYFOCUS.COM
Subject: [SAFER 000209.EXP.1.2] Zeus Web Server - obtaining source of CGI scripts

__________________________________________________________

      S.A.F.E.R. Security Bulletin 000209.EXP.1.2
__________________________________________________________


TITLE    : Zeus Web Server - obtaining source of CGI scripts
DATE     : February 09, 2000
NATURE   : Remote user can obtain access to sources of CGI scripts
AFFECTED : Zeus Web Server 3.1.x and 3.3.x
FIXES    : Zeus Web Server 3.3.5a is not vulnerable

DETAILS:

Sources of CGI scripts (and other files) can be read by any user if the
'%00' string is appended to the name of the CGI script.

The following strings can also be appended in order to reveal the source:

%G0
%W0
%EW
%FG
%UW
%VG

PROBLEM:

The Zeus Web server is vulnerable to a problem that allows remote users
to see the source of CGI scripts. Any user can append '%00' to the name
of the CGI script and view the source. Files in directories that are
configured to contain executable scripts (/cgi-bin, for example) are not
subject to this problem.
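The following is an added model of the bug class described above; it is example code written for this page, not Zeus's code, and the advisory does not describe Zeus's internals. The model makes two assumptions chosen to reproduce the advisory's symptoms: a percent-decoder that does not validate the two characters after '%' and keeps only the low byte of the result (under that decoder all six alternative strings, %G0, %W0, %EW, %FG, %UW and %VG, decode to the same NUL byte as %00, because a letter past 'F' is mapped to 16 or more and the sum overflows past 255), and a dispatcher that decides "execute as CGI or serve as file" on the full decoded buffer while the operating system opens the file as a C string truncated at the first NUL. `DOCROOT`, `SCRIPT_ONLY_DIRS` and the script contents are constructed sample data. The hardened handler beside it rejects malformed encodings and NUL bytes and dispatches on the same name it opens.

```python
import string

# Constructed sample document root (not a real Zeus layout): URL path -> file contents.
DOCROOT = {
    "/index.html": "<html><body>welcome</body></html>\n",
    "/search.cgi": "#!/usr/bin/perl\nmy $db_pass = 'hunter2';  # the secret an attacker wants\n",
    "/cgi-bin/admin.cgi": "#!/usr/bin/perl\nmy $admin_token = 'abc123';\n",
}
# Directories configured as script-only: everything in them is executed, never served.
SCRIPT_ONLY_DIRS = ("/cgi-bin/",)
# The suffixes listed in the advisory.
ADVISORY_SUFFIXES = ["%00", "%G0", "%W0", "%EW", "%FG", "%UW", "%VG"]


def _lenient_hexval(ch: str) -> int:
    """Hypothetical 'hex digit' conversion that never rejects its input (assumption).
    Digits map to 0-9; any letter maps to 10 + its alphabet position, so
    'G' -> 16, 'U' -> 30, 'V' -> 31, 'W' -> 32 instead of being an error."""
    if ch.isdigit():
        return ord(ch) - ord("0")
    return (ord(ch) & 0xDF) - ord("A") + 10


def lenient_url_decode(path: str) -> bytes:
    """Percent-decoder modelling the assumed bug: no validation of the two
    characters after '%', and the result stored into one byte (& 0xFF), as a
    C implementation writing into an unsigned char would.  Every advisory
    suffix yields 0x00: %G0 = 16*16+0 = 256, %EW = 14*16+32 = 256, %UW = 512."""
    out = bytearray()
    i = 0
    while i < len(path):
        pair = path[i + 1:i + 3]
        if path[i] == "%" and len(pair) == 2 and pair.isascii() and pair.isalnum():
            out.append((_lenient_hexval(pair[0]) * 16 + _lenient_hexval(pair[1])) & 0xFF)
            i += 3
        else:
            out.extend(path[i].encode("utf-8"))
            i += 1
    return bytes(out)


def vulnerable_handle(request_path: str) -> tuple:
    """Model of the flawed dispatch: the 'is this a CGI script?' decision is made
    on the full decoded buffer, but the file is then opened by the OS, which
    treats the name as a C string and stops at the first NUL."""
    name = lenient_url_decode(request_path).decode("latin-1")
    if any(name.startswith(d) for d in SCRIPT_ONLY_DIRS):
        return ("exec", name.split("\x00", 1)[0])   # script-only dirs: always executed
    if name.endswith(".cgi"):                       # "/search.cgi\x00" does NOT end in .cgi
        return ("exec", name)
    c_name = name.split("\x00", 1)[0]               # the OS sees "/search.cgi"
    if c_name in DOCROOT:
        return ("static", DOCROOT[c_name])          # script source served as a plain file
    return ("404", "")


def strict_url_decode(path: str) -> bytes:
    """Hardened decoder: exactly two hex digits after '%', and a NUL is refused
    outright because no legitimate file name contains one."""
    out = bytearray()
    i = 0
    while i < len(path):
        if path[i] == "%":
            pair = path[i + 1:i + 3]
            if len(pair) != 2 or not all(c in string.hexdigits for c in pair):
                raise ValueError("malformed percent-encoding: %r" % pair)
            byte = int(pair, 16)
            if byte == 0:
                raise ValueError("NUL byte in path")
            out.append(byte)
            i += 3
        else:
            out.extend(path[i].encode("utf-8"))
            i += 1
    return bytes(out)


def fixed_handle(request_path: str) -> tuple:
    """Same dispatch, but on a validated name identical to the one the OS will
    open, so the two decisions can no longer disagree."""
    try:
        name = strict_url_decode(request_path).decode("latin-1")
    except ValueError:
        return ("400", "")
    if any(name.startswith(d) for d in SCRIPT_ONLY_DIRS) or name.endswith(".cgi"):
        return ("exec", name)
    return ("static", DOCROOT[name]) if name in DOCROOT else ("404", "")


def disclosing_suffixes(handler, script_path: str) -> list:
    """Which of the advisory's suffixes make `handler` hand back the script's source?"""
    source = DOCROOT[script_path]
    return [s for s in ADVISORY_SUFFIXES if handler(script_path + s) == ("static", source)]


if __name__ == "__main__":
    for handler in (vulnerable_handle, fixed_handle):
        print(handler.__name__, "leaks source via:", disclosing_suffixes(handler, "/search.cgi"))
```

Run as written, the vulnerable handler leaks `/search.cgi` through all seven suffixes while leaving `/cgi-bin/admin.cgi` alone, matching the advisory's note that script-only directories are not affected; the hardened handler answers 400 to every one of them. Against a live server the equivalent check is to fetch `/some.cgi` and `/some.cgi%00` and compare the bodies: a response that starts with the script's interpreter line rather than its output is the disclosure.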

FIXES:

Zeus Technology has responded immediately, and fixed the problem in a
matter of hours. It is really a pleasure to get such a quick response
from the vendor. All kudos to them.

The fixed version is available at:

ftp://ftp.zeustechnology.com/pub/products/z3

All customers are advised to upgrade.

__________________________________________________________

   S.A.F.E.R. - Security Alert For Entreprise Resources
          Copyright (c) 2000 The Relay Group
 http://safer.siamrelay.com  ---  security@relaygroup.com
__________________________________________________________
