Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Another small metacharacter bug in Penguin Traceroute v1.0
From: Andreas Beck <becka () uni-duesseldorf de>
Date: Mon, 17 Jun 2002 19:26:33 +0200

Marco van Berkum <m.v.berkum () obit nl> wrote:
   this line "$host =~ s/[;<>\*\|'&\$!?#\(\)\[\]\{\}:'"\\]//g;" under it and
Well, yes, it does parse out some metacharacters, but, the " ` " (backtick)
is not filtered out in any way. (probably one of the two quotes " ' " should be
a backtick). Also the slash and the hyphen are not filtered.

Second fix: replace the second quote by a backtick and add slash and hyphen
to the filter :)

Umm - it's a traceroute-sort-of-thing - right? So why not fixing it with a 
whitelist instead of a blacklist?

Allowed domain names should be within [a-zA-z-.]* - right?
To cater for IPv6 one could add the colon (unless that poses a problem - 
I see it filtered out above ...), and be done with it.

CU, Andy

-- 
Andreas Beck             |  Email :  <becka () uni-duesseldorf de>


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]