Bugtraq mailing list archives
Re: cdrdao insecure filehandling
From: "Guillaume PELAT" <guillaume.pelat () intexxia com>
Date: Tue, 15 Jan 2002 10:45:46 +0100
"Jens Steube" <jsteube () lastflood com> wrote in message news:1010876960.3c40c220caef8 () troja dnsalias org...
--[ Bugs ]--
Cdrdao doesn't check for permissions when it tries to open a file as its "toc-file". So it was possible to open all files on the system, but it skips the output on its error message. Maybe it is possible to trick it to read all these files.
I confirm it is possible to read all these files using show-data command. A proof of concept script is attached.

--
Guillaume Pelat
Security Expert
INTEXXIA
171 Av. Georges Clemenceau
92024 NANTERRE CEDEX - FRANCE
tel: +33 1 55 69 49 10
fax: +33 1 55 69 78 80
http://www.intexxia.com
Attachment:
show_file.sh
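The missing check discussed in this thread, shown from the fixing side as an added example; it is not part of either post and is not cdrdao code. It assumes the program runs with elevated effective IDs (for example installed setuid), which the posts imply but do not state, and `open_as_real_user` is a hypothetical helper name.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

/* Hypothetical helper, not cdrdao code: open a user-named file with the
 * invoking user's permissions inside a process whose effective IDs may be
 * elevated (assumption: the binary is installed setuid/setgid). */
int open_as_real_user(const char *path)
{
    uid_t saved_euid = geteuid();
    gid_t saved_egid = getegid();
    int fd, err;

    /* Drop the group first; after the uid drop we may no longer be allowed to. */
    if (setegid(getgid()) != 0)
        return -1;
    if (seteuid(getuid()) != 0) {
        err = errno;
        (void)setegid(saved_egid);
        errno = err;
        return -1;
    }

    /* The kernel now checks access as the real user, atomically with the
     * open. An access() call followed by open() would leave a race window. */
    fd = open(path, O_RDONLY | O_CLOEXEC);
    err = errno;

    /* Regain the saved IDs in reverse order for later privileged work. */
    if (seteuid(saved_euid) != 0 || setegid(saved_egid) != 0) {
        if (fd >= 0)
            close(fd);
        return -1;
    }
    errno = err;
    return fd;
}

int main(int argc, char **argv)
{
    int fd = open_as_real_user(argc > 1 ? argv[1] : "/etc/shadow");
    if (fd < 0) {
        perror("toc-file");
        return 1;
    }
    puts("opened with the caller's own permissions");
    close(fd);
    return 0;
}
```

A program that needs no privileges after start-up should instead drop them permanently before parsing any user-supplied path.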