Re: Security flaw in Count.cgi (wwwcount)

Jaroslav Benkovsky (benkovsk@PHA.PVT.CZ)
Mon, 13 Oct 1997 18:21:52 +0200

Razvan Dragomirescu wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi all,
>
> I have found a vulnerability in Muhammad A. Muquit's wwwcount version 2.3
> which allows remote users to read any GIF file on the server,
...

A temporary and very dirty fix is to apply something like

          case SHOW_GIF_FILE:
          {
+             PrintHeader();
+             StringImage("Images have been disabled");
+             exit(1);
+
              if (*digit_info.gif_file == '\0')
              {
                  PrintHeader();

to wwwcount2.3/main.c
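Review bot: the unconditional `exit(1)` placed after `StringImage("Images have been disabled");` makes the rest of the `case SHOW_GIF_FILE:` body, starting at `if (*digit_info.gif_file == '\0')`, unreachable, and a non-zero exit status reports the request to the web server as a script failure even though a complete reply was already written; if the intent is to retire image serving, `exit(0)` (or `#if 0` around the old body) states that intent plainly. Since the quoted report describes reading arbitrary GIF files via the name held in `digit_info.gif_file`, a less drastic change at the same spot is to reject names containing a `/` or `..` (for example `if (strchr(digit_info.gif_file, '/') || strstr(digit_info.gif_file, ".."))`) and fall into the existing error path, which keeps the feature working for legitimate image names.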

(Stupid, but maybe it helps somebody.) By the way, the counter sources
are careless in many other places.

I'm sorry if this seems stupid to you

                                        Edheldil
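The dirty fix above turns image output off entirely. As an added example, not from wwwcount or from this thread, the check below is what a practitioner would put in front of the file open instead: it accepts only a plain `name.gif` made of letters, digits, `_` and `-`, and builds the path under a fixed image directory. The function names `gif_name_ok` and `gif_path`, the directory `IMAGE_DIR`, and the sample names are assumptions for illustration.

```c
/* Added example (not wwwcount code): whitelist check for the image name a
 * counter CGI receives, so that "read any GIF on the server" becomes
 * "read any GIF in IMAGE_DIR".  All names below are assumptions. */
#include <stdio.h>
#include <string.h>
#include <ctype.h>

#define IMAGE_DIR "/usr/local/etc/Counter/images"   /* assumed location */

/* Return 1 if `name` is a bare file name like "digits.gif": no path
 * separators, no "..", only [A-Za-z0-9_-] before a lowercase ".gif". */
int gif_name_ok(const char *name)
{
    size_t len;
    const char *p;

    if (name == NULL || *name == '\0')
        return 0;
    len = strlen(name);
    if (len < 5 || len > 64)                 /* at least "x.gif" */
        return 0;
    if (strcmp(name + len - 4, ".gif") != 0)
        return 0;
    for (p = name; p < name + len - 4; p++) {
        /* any '/', '\\', '.', '~' or control byte ends up here and fails */
        if (!isalnum((unsigned char)*p) && *p != '_' && *p != '-')
            return 0;
    }
    return 1;
}

/* Write "IMAGE_DIR/name" into out; return 0 if the name fails the check or
 * the result would not fit, so callers cannot open a truncated path. */
int gif_path(const char *name, char *out, size_t outlen)
{
    int n;

    if (!gif_name_ok(name))
        return 0;
    n = snprintf(out, outlen, "%s/%s", IMAGE_DIR, name);
    if (n < 0 || (size_t)n >= outlen)
        return 0;
    return 1;
}

int main(void)
{
    /* constructed sample inputs: two legitimate names and several attacks */
    static const char *samples[] = {
        "digits.gif", "odometer-1.gif", "../../../etc/secret.gif",
        "/etc/passwd", "x.GIF", ".gif", ""
    };
    char path[1024];
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-28s -> %s\n", samples[i],
               gif_path(samples[i], path, sizeof path) ? path : "rejected");
    return 0;
}
```

The check is a whitelist rather than a blacklist of `/` and `..`: anything not explicitly allowed is refused, so encodings the blacklist author did not think of fail closed.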