Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Re: Re: CGI Script Source Code Disclosure Vulnerability in Apache for Windows
From: nareshhacker () gmail com
Date: 17 Aug 2006 07:35:19 -0000
This _is_ a vulnerability.

Even though the common convention is never to include 'cgi-bin' within the document-root, still, many companies put 
'cgi-bin' inside the document-root assuming it to be a safe practice. 

No matter what the common convention is; the fact is, if the cgi-bin directory is marked as a Scripts folder with the 
ScriptAlias 'cgi-bin' (i.e. the same name as the directory), the user should be able to see the contents of the 
directory as scripts only. There shouldn't be any way to bypass the security mechanism to prevent execution of the 
files in that driectory.

IMHO, Apache must come up with a patch so that it can take care of the case-insensitivity of Windows systems rather 
than calling it a mis-configuration so as to provide more flexibility to the Apache admins.

- Naresh
--------------------------------------------------------------------------

This is not a security vulnerability in the server, but rather a serious
misconfiguration of the ScriptAlias Directive. ScriptAlias exists to
allow CGI scripts to be stored in a directory outside of the document
tree. Common convention is never to include cgi-bin within the document
tree.

Regards,
Joe Orton

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]