Bug in Eupload
From: [Zero_Byte] (zero_byte@interlap.com.ar)Date: 07/31/02
- Previous message: security@caldera.com: "Security Update: [CSSA-2002-032.0] Linux: temporary file races in libmm"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 30 Jul 2002 20:16:44 -0300 From: "[Zero_Byte]" <zero_byte@interlap.com.ar> To: BugTraq <bugtraq@securityfocus.com>
People,
Hi! I found a bug in the Eupload CGI, and I written a little
paper with the explanation, explotation and solution.
In fact everything would be solved with making chmod "0", but in
the 90% it is not used; reason why it is easily exploitable.
I hope they enjoy it.
P.S: I apologize for my poor English; I am Argentinean and
I don't use it very well.
Greetings
Zero_Byte mailto:zero_byte@interlap.com.ar
------------------------------------
[Zero_Byte] zerobyte@agujero.com
El Agujero Negro. Secretos en la red.
==> http://agujero.com <==
------------------------------------
http://listas.agujero.com/lista/oscuro/alta
SUSCRIBETE!
- text/plain attachment: Bug_in_Eupload.txt
- Previous message: security@caldera.com: "Security Update: [CSSA-2002-032.0] Linux: temporary file races in libmm"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
