Bugtraq mailing list archives
Re: ePerl: bad handling of ISINDEX queries
From: willer () INTERLOG COM (Steve Willer)
Date: Wed, 8 Jul 1998 14:32:58 -0400
On Wed, 8 Jul 1998, Andrew Pimlott wrote:
I notified the author of a variant of this bug last summer (which he fixed; see http://www.engelschall.com/sw/eperl/distrib/eperl-SNAP/ChangeLog). I honestly wouldn't trust eperl for a minute. These are very simple mistakes.This can lead to arbitrary Perl code being executed on the server.
To be honest, although I ended up not using ePerl, I would consider this mistake fairly understandable. I mean, I can't think of anywhere that still uses ISINDEX, so it's not that strange for it to fall out of a developer's mental space. I do want to make one point about the original bug report: If I read it correctly, then you will only be able to execute ePerl code, *not* Perl code. ePerl starts off in "plain text" mode, so anything until the ePerl-open tag will be output as plain text. Of course, this does mean that a user would be able to read an arbitrary file that's accessible to nobody, but it doesn't mean they can execute whatever they want -- only ePerl pages, which are usually written to be safe (since they're usually a Web page anyway).
Current thread:
- Sun libnsl lameness George Clooney (Jul 01)
- Re: Sun libnsl lameness nicholas harteau (Jul 01)
- pop_msg in debian/qpopper: core, but no exploit Herbert Rosmanith (Jul 02)
- Alert: ASP vulnerability with Alternate Data Streams Aleph One (Jul 02)
- ::$DATA ISAPI filter Aleph One (Jul 02)
- ePerl: bad handling of ISINDEX queries Tiago Luz Pinto (Jul 06)
- Re: ePerl: bad handling of ISINDEX queries Andrew Pimlott (Jul 08)
- Re: ePerl: bad handling of ISINDEX queries Steve Willer (Jul 08)
- notes on Port scanning Lloyd Vancil (Jul 08)
- WWW Authorization Gateway Albert Nubdy (Jul 08)
- Re: ePerl: bad handling of ISINDEX queries Andrew Pimlott (Jul 08)
- Re: Sun libnsl lameness Allanah Myles (Jul 06)
- Re: Sun libnsl lameness mib () DEAKIN EDU AU (Jul 08)
- Re: Sun libnsl lameness Scott Stubbs (Jul 09)
- Sun libnsl patches Mike Sorsen (Jul 09)
- Re: Sun libnsl lameness Matt Conover (Jul 08)
- DoS: ANS Interlock Firewall Chris A. Henesy (Jul 09)
- Administrivia Aleph One (Jul 09)
- Re: Sun libnsl lameness mib () DEAKIN EDU AU (Jul 08)
- <Possible follow-ups>
- Re: Sun libnsl lameness Andy Polyakov (Jul 03)
(Thread continues...)