Re: multiple vulnerabilities in un-cgi

[Carlo Strozzi <carlos () texne com>]

On Tue, Jul 17, 2001 at 12:48:12PM +0200, Khamba Staring wrote:
> 1. uncgi does no relative directory checking; this means anyone can
>    execute any program on the remote system as the http user (to some
>    extent, permission wise of course) using the simple dot-dot-slash trick.

Can you provide the exploit code please ? I was not able to reproduce
the problem. I've tried with things like ../ and %2E%2E%2F but neither
worked, at least with Apache. All I get is the usual '404 Not Found' message.

cheers,
carlo
-- 
Per visualizzare il messaggio correttamente impostare il font Courier.
To display the message correctly please set the Courier font.