Full Disclosure mailing list archives
Re: Links smbclient command execution
From: Mikulas Patocka <mikulas () artax karlin mff cuni cz>
Date: Thu, 30 Nov 2006 00:02:29 +0100 (CET)
On Wed, 29 Nov 2006, Mikulas Patocka wrote: > Hi >> I fixed it in Links 1.00pre19 (at > http://artax.karlin.mff.cuni.cz/~mikulas/links/download/) and Links 2.1pre25 > (at http://links.twibright.com/download/) --- please check it.>> I changed it to refuse '"' and ';' from file path. I hope that user name and > password at smbclient command line cannot be used to execute arbitrary code, > but if you have other information, contact me.> > Mikulas Hello, links-2.1pre25 still seems vulnerable to the "smb" vulnerability. The ChangeLog doesn't mention anything about fixing it, smb.c has a timestamp from November 2005, and the exploit posted earlier still works. Regards, Ulf Härnhammar
Oops, I forgot to upload it yesterday. It's there now under name links-2.1pre26. If you have any other ideas how it could be broken, tell me.
Mikulas
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Links smbclient command execution Teemu Salmela (Nov 14)
- <Possible follow-ups>
- Re: Links smbclient command execution Mikulas Patocka (Nov 28)
- Re: Links smbclient command execution Mikulas Patocka (Nov 29)