Bugtraq mailing list archives
Re: Security problems with TWIG webmail system
From: João Gouveia <cercthar () TELEWEB PT>
Date: Thu, 30 Nov 2000 20:48:22 -0000
Hi,

----- Original Message -----
From: "Shaun Clowes" <shaun () securereality com au>
To: <BUGTRAQ () SECURITYFOCUS COM>
Sent: Thursday, November 30, 2000 8:25 AM
Subject: Re: Security problems with TWIG webmail system

(snip)
If I provide the exploit input via POST, or COOKIE I will achieve the same effect, simply checking GET is not enough. I would suggest my initial workaround was more suitable since it prevents ANY configuration information being provided by remote input, however the above suggestion could easily be extended like so:

if( $vhosts[$SERVER_NAME] && !isset($HTTP_GET_VARS['vhosts']) && !isset($HTTP_POST_VARS['vhosts']) && !isset($HTTP_COOKIE_VARS['vhosts']))
That's not an option. Try this example script:

<quote>
<?php
echo "$HTTP_POST_VARS<br> $HTTP_GET_VARS<br> $HTTP_COOKIE_VARS";
?>
</quote>

And call it like this:

script.php?HTTP_GET_VARS=test&HTTP_POST_VARS=test&HTTP_COOKIE_VARS=test

Or better yet:

script.php?HTTP_GET_VARS=&HTTP_POST_VARS=&HTTP_COOKIE_VARS=

Best regards,
Joao Gouveia aka Tharbad.
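The point made above is that a guard built on $HTTP_GET_VARS, $HTTP_POST_VARS and $HTTP_COOKIE_VARS inspects arrays that a register_globals request can itself replace, so the guard is bypassed by the same mechanism it is meant to detect. The following PHP is an added example written for this archive page; it is not code from the thread or from TWIG. It places the insufficient guard beside a pattern that does not depend on the request arrays being intact. The function names, the file path config/vhosts.php and the shape of the $vhosts array are assumptions made for the example.

```php
<?php
// Added example, not from the thread or from TWIG. Function names, the
// config/vhosts.php path and the layout of $vhosts are hypothetical.

// --- Insufficient guard (the pattern discussed in the thread) ---------------
// With register_globals on, every request variable becomes a PHP global. A
// request carrying vhosts[...] populates $vhosts before the script runs, and,
// as the reply above demonstrates, a request carrying HTTP_GET_VARS= replaces
// the array the guard inspects with a string. isset($HTTP_GET_VARS['vhosts'])
// is then false on a string, so all three !isset() checks pass and the
// injected $vhosts entry is returned.
function vhost_config_unsafe() {
    global $vhosts, $SERVER_NAME, $HTTP_GET_VARS, $HTTP_POST_VARS, $HTTP_COOKIE_VARS;
    if (isset($vhosts[$SERVER_NAME])
        && !isset($HTTP_GET_VARS['vhosts'])
        && !isset($HTTP_POST_VARS['vhosts'])
        && !isset($HTTP_COOKIE_VARS['vhosts'])) {
        return $vhosts[$SERVER_NAME];   // may still be request-controlled
    }
    return null;
}

// --- Pattern that does not trust the request arrays -------------------------
// 1. Configuration never arrives as an uninitialised global: it is assigned
//    unconditionally from a fixed file, so anything the request registered
//    under the same name is overwritten before it is read.
// 2. The host name is read from $_SERVER, which the web server fills in, and
//    is used only as an exact-match lookup key into the loaded table.
// 3. In php.ini (PHP 5.3 and earlier; the directive no longer exists in 5.4+):
//        register_globals = Off
//    so the request cannot create or overwrite globals in the first place.
function vhost_config_safe() {
    $vhosts = array();                       // step 1: discard any injected value
    $loaded = @include 'config/vhosts.php';  // hypothetical file that assigns $vhosts
    if ($loaded === false || !is_array($vhosts)) {
        return null;                         // fail closed when config is missing
    }
    $host = isset($_SERVER['SERVER_NAME']) ? strtolower($_SERVER['SERVER_NAME']) : '';
    // step 2: exact key match only; no prefix, wildcard or fallback logic
    if ($host !== '' && array_key_exists($host, $vhosts)) {
        return $vhosts[$host];
    }
    return null;
}
```

The difference is not the number of request arrays checked but where the configuration comes from: vhost_config_safe() reads it from a file the request cannot influence and treats the request-derived value (the host name) purely as a lookup key, which is the same reasoning as the earlier suggestion in the thread to stop remote input from supplying any configuration at all.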