Bugtraq: Re: [ Hackerslab bug_paper ] ntop web mode vulnerabliity

From: Vanja Hrustic <vanja_at_RELAYGROUP.COM>
Date: Wed, 2 Aug 2000 23:10:42 +0700

On Wed, 2 Aug 2000, root wrote:

> Its web mode does not check the URL path.
>
> So if the URL is "http://URL:port/../../shadow", a remote user will read all files.
>
> "everyone can access traffic information" !!!

Would you mind specifying the version of ntop you have tested?

The problem above was reported to the author 2 (or even more) months
ago, and it was fixed immediately. There were a few other security-related
issues which have been fixed as well in the past few months.

I have just tried version 1.3.1, and it properly returns a 401 code when
trying to access '..' paths.

Looks like you have been testing some older version.

Regards,

Vanja
Received on Aug 02 2000
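
As an added illustration (not part of the original message and not ntop's code), here is one way a small embedded web server can refuse the '..' request paths discussed in this thread before it opens any file. The function names, the 1024-byte buffer, and answering malformed escapes with 401 are assumptions of the example.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical helper: value of one hex digit, or -1 if not a hex digit. */
static int hex_val(int c) {
    if (c >= '0' && c <= '9') return c - '0';
    c = tolower(c);
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    return -1;
}

/* Percent-decode src into dst (capacity n). Returns 0 on success, -1 on a
 * malformed escape, an encoded NUL byte, or output that does not fit. */
static int url_decode(const char *src, char *dst, size_t n) {
    size_t o = 0;
    for (; *src; src++) {
        int c = (unsigned char)*src;
        if (c == '%') {
            int hi = hex_val((unsigned char)src[1]);
            int lo = hi < 0 ? -1 : hex_val((unsigned char)src[2]);
            if (lo < 0) return -1;
            c = hi * 16 + lo;
            if (c == 0) return -1;          /* %00 would truncate the path */
            src += 2;
        }
        if (o + 1 >= n) return -1;
        dst[o++] = (char)c;
    }
    dst[o] = '\0';
    return 0;
}

/* Returns the HTTP status to send: 401 for any path containing a ".."
 * segment (the response the reply reports for version 1.3.1), else 200.
 * Decoding happens first so that %2e%2e and ..%2f are caught as well. */
int check_request_path(const char *raw_path) {
    char path[1024];
    if (raw_path[0] != '/' || url_decode(raw_path, path, sizeof path) != 0)
        return 401;                         /* assumption: reject, don't guess */
    for (const char *seg = path; *seg; ) {
        size_t len = strcspn(seg, "/\\");   /* a segment ends at / or \ */
        if (len == 2 && seg[0] == '.' && seg[1] == '.')
            return 401;
        seg += len;
        if (*seg) seg++;                    /* skip the separator */
    }
    return 200;
}
```

The check runs on the decoded path and compares whole segments, so a file name such as `a..b` is still served while `..` in any encoding is refused.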
