Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Arbitrary Code Execution in SQL-Ledger and LedgerSMB through redirects
From: Chris Travers <chris () metatrontech com>
Date: Sat, 27 Jan 2007 10:43:24 -0800
Separate from CVE-2006-5872, there is a possibility of causing arbitrary code execution during redirects. This requires a valid login to exploit and was discovered and brought to the attention of both the SQL-Ledger and LedgerSMB team in November. LedgerSMB 1.1.5 corred the problem, but it is still not corrected in SQL-Ledger.
There is no workaround to prevent the problem except to hope that those who are using vulnerable software can be trusted.
I will be sending a full disclosure of the problem, as well as an unofficial patch to SQL-Ledger in a week. 

Best Wishes,
Chris Travers
Metatron Technology Consulting

Attachment: chris.vcf
Description:

  By Date           By Thread  

Current thread:
  • Arbitrary Code Execution in SQL-Ledger and LedgerSMB through redirects Chris Travers (Jan 29)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]