Bugtraq mailing list archives

Re: EZ Shopper 3.0 shopping cart CGI remote command execution

From: ahg () CVZOOM NET (Alex Heiphetz)
Date: Mon, 28 Feb 2000 12:43:08 -0500


At 09:42 AM 2/27/00 +0000, suid () SUID KG wrote:

suid () suid kg - EZ Shopper 3.0 remote command execution.


<...>

Workaround:

      The vendor, AHG Inc, has released a fixed version, download it from
      their website and install the fixed version.


Correction: clients are notified and patch is being sent via e-mail.
Help with installation offered.

Regards,
AH

Current thread:

Wordpad vulnerability, exploitable also in IE for Win9x Georgi Guninski (Feb 23)
- Re: Wordpad vulnerability, exploitable also in IE for Win9x Kevin Day (Feb 23)
- Re: Wordpad vulnerability, exploitable also in IE for Win9x Scott (Feb 23)
  - How the password could be recover using FTP Explorer's registry! Nelson (Feb 24)
    - Re: How the password could be recover using FTP Explorer's registry! Seth R Arnold (Feb 25)
    - Re: How the password could be recover using FTP Explorer's registry! Rishi Lee Khan (Feb 27)
    - Re: How the password could be recover using FTP Explorer's registry! Mikael Olsson (Feb 26)
    - Re: How the password could be recover using FTP Explorer's registry! Jeffrey Paul (Feb 28)
    - lynx - someone is deaf and blind ;) Michal Zalewski (Feb 27)
    - EZ Shopper 3.0 shopping cart CGI remote command execution suid () SUID KG (Feb 27)
    - Re: EZ Shopper 3.0 shopping cart CGI remote command execution Alex Heiphetz (Feb 28)
    - W2K & ~25000+ temp files = crash + corruption? Clifford Hammerschmidt (Feb 28)
    - ALERT!: TendMicro InterScan (DOS & intrusion) Veille Technologique (Feb 28)
    - Advisory: Foundry Networks ServerIron TCP/IP sequence predictability Andrew van der Stock (Feb 27)
  - Zonealarm exports sensitive data Andrew Daviel (Feb 24)
    - Re: Zonealarm exports sensitive data Brett Glass (Feb 25)
    - Re: Zonealarm exports sensitive data Robert Graham (Feb 28)
  - Re: Wordpad vulnerability, exploitable also in IE for Win9x Curtis Anderson, CNE, MCSE (Feb 25)
  - Troj_Trinoo and ZZ Simple Nomad (Feb 25)
    - man bugs might lead to root compromise (RH 6.1 and other boxes) Michal Zalewski (Feb 26)
    - Re: man bugs might lead to root compromise (RH 6.1 and other boxes) Mark Whitis (Feb 27)

(Thread continues...)