Vulnerability Development mailing list archives
Re: New Remote Hole found in Berkeley Fingerd!
From: Olaf Kirch <okir () caldera de>
Date: Wed, 21 Nov 2001 13:11:45 +0100
On Tue, Nov 20, 2001 at 11:23:26PM +0000, vuln-dev wrote:
> this weaknesses known to public sector (not disk sector hehehe) so problem may be fixed in reliable manner. We invent several fuzz testing tool for remote daemon and we thus are able to stress test application for security. GOBBLES LABS uses proprietary artificial intelligence tool to aid in enumeration of remote host banner and then able to identify flaw through new
Highly amusing. Really.
> program: Berkeley finger.cgi
> website: http://www.csua.berkeley.edu/cgi-bin/finger?source
First off, this is not the Berkeley fingerd. Period. What this ADVISORY (tadaa) is about is some lame cgi script, and the script looks a lot like the lame old finger.cgi that was shipped with the CERN httpd in the early 90s. Boys, this bug is ancient. It's so old it even stopped smelling bad.

This doesn't mean though that whoever currently maintains the script has a lot of security clue either. And no, it's not enough to just exclude newlines either. Think $(...). Think - and @, which can be used in finger -l and finger @.

Sigh.

Olaf "I want a fuzz tool too" Kirch
-- 
Olaf Kirch          |  --- o --- Nous sommes du soleil we love when we play
okir () monad swb de  |    / | \   sol.dhoop.naytheet.ah kin.ir.samse.qurax
okir () caldera de    +-------------------- Why Not?! -----------------------
UNIX, n.: Spanish manufacturer of fire extinguishers.
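To make the point in the reply above concrete, here is an added example (it is not the finger.cgi script under discussion, whose source the archive does not reproduce, nor anything posted in the thread). It contrasts the newline-only filter the reply calls insufficient with a strict allow-list check that also catches the three cases named there: $(...) command substitution, a leading "-" that finger parses as an option such as -l, and "@", which makes finger forward the query to another host. The probe strings, the `shell_command_for` wrapper and the assumption that the script built a /bin/sh command line by string concatenation are constructed for illustration.

```python
import re

# Probe strings constructed for this example, one per problem named in the
# thread, plus one ordinary user name.
PROBES = {
    "command substitution": "$(id)",
    "option injection": "-l",
    "forwarding": "root@example.invalid",
    "ordinary user": "okir",
}


def newline_only_filter(query: str) -> str:
    """The insufficient filter: drop CR/LF and hand everything else on."""
    return query.replace("\r", "").replace("\n", "")


def shell_command_for(query: str) -> str:
    """How an old finger.cgi typically ran finger: a string handed to
    /bin/sh (an assumption made here for illustration). A shell would
    expand $(...) in the result before finger ever sees it."""
    return "finger " + newline_only_filter(query)


# What a finger target is allowed to look like: a local user name. A leading
# '-' would be parsed by finger as an option (-l), '@' makes finger forward the
# query elsewhere, and $ ` | ; & < > ( ) quotes and whitespace are not part of
# any user name, so one allow-list rejects all of them at once.
USERNAME_RE = re.compile(r"[a-z_][a-z0-9_.-]{0,31}")


def is_safe_finger_target(query: str) -> bool:
    """True only for a plain local user name (trailing newline included in
    the rejection: fullmatch must consume the whole string)."""
    return USERNAME_RE.fullmatch(query) is not None


def finger_argv(query: str) -> list:
    """argv for a validated target, with no shell in between. The allow-list
    is still required: bypassing the shell stops $(...), but does nothing
    about finger's own parsing of -l or user@host."""
    if not is_safe_finger_target(query):
        raise ValueError("rejected finger target: %r" % (query,))
    return ["finger", query]


def compare_filters(probes=PROBES) -> dict:
    """For each probe: does the newline-only filter pass it unchanged, and
    does the allow-list accept it?"""
    return {
        name: {
            "passes_newline_filter": newline_only_filter(q) == q,
            "passes_allowlist": is_safe_finger_target(q),
        }
        for name, q in probes.items()
    }


if __name__ == "__main__":
    for name, verdict in compare_filters().items():
        print("%-22s newline-filter=%-5s allow-list=%s"
              % (name, verdict["passes_newline_filter"],
                 verdict["passes_allowlist"]))
    print(shell_command_for("$(id)"))  # the string a shell would expand
    print(finger_argv("okir"))
```

Running it shows every probe surviving the newline filter untouched and only the ordinary user name surviving the allow-list. Note that moving from a shell string to an argv list is necessary but not sufficient: the option and forwarding cases are argument injection into finger itself, which only input validation addresses.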
Current thread:
- New Remote Hole found in Berkeley Fingerd! vuln-dev (Nov 20)
- Re: New Remote Hole found in Berkeley Fingerd! 3APA3A (Nov 21)
- Re: New Remote Hole found in Berkeley Fingerd! Olaf Kirch (Nov 21)
- <Possible follow-ups>
- RE: New Remote Hole found in Berkeley Fingerd! Graeme Fowler (Nov 21)