Re: Security flaw in Count.cgi (wwwcount)

Jaroslav Benkovsky (benkovsk@PHA.PVT.CZ)
Mon, 13 Oct 1997 18:21:52 +0200

Razvan Dragomirescu wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi all,
>
> I have found a vulnerability in Muhammad A. Muquit's wwwcount version 2.3
> which allows remote users to read any GIF file on the server,
...

A temporary and very dirty fix is to apply something like

case SHOW_GIF_FILE:
{
+ PrintHeader();
+ StringImage("Images have been disabled");
+ exit(1);
+
if (*digit_info.gif_file == '\0')
{
PrintHeader();
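Review bot: the three added lines at the top of the SHOW_GIF_FILE branch do not restrict which file may be opened; they unconditionally print a header, emit the text image and call exit(1), so the whole branch is disabled and everything below, including the original `if (*digit_info.gif_file == '\0')` check and its own `PrintHeader();`, becomes unreachable dead code. That matches the author's "images have been disabled" intent, but it is a kill switch rather than a fix for the reported flaw (reading any GIF on the server via the requested filename). A real fix belongs before the file is opened: reject a `digit_info.gif_file` value that contains a path separator or a `..` component, and resolve it only relative to the configured image directory, so legitimate counter images keep working. Also note `exit(1)` reports failure to the web server for every image request; if the branch is meant to stay disabled, returning a proper error status after the header is cleaner than exiting mid-handler.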

to wwwcount2.3/main.c

(stupid, but maybe it helps somebody). Btw, the counter sources
are careless in many other cases.

I'm sorry if this seems stupid to you.

Edheldil