SecurityTracker.com
Category:   Application (Generic)  >   DansGuardian Webmin Module
Vendors:   DansGuardian Webmin Module Project
DansGuardian Webmin Module 'edit.cgi' Lets Remote Authenticated Users Edit Arbitrary Files
SecurityTracker Alert ID:  1008669
SecurityTracker URL:  http://securitytracker.com/id/1008669
CVE Reference:   GENERIC-MAP-NOMATCH
Date:  Jan 12 2004
Impact:   Disclosure of system information, Disclosure of user information
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): prior to 0.5.9
Description:   An access control vulnerability was reported in the DansGuardian Webmin Module. A remote authenticated user can view and edit arbitrary files on the system.

It is reported that the DansGuardian Webmin Module 'edit.cgi' script can read and edit arbitrary files on the system. A remote authenticated user can invoke the script and supply a filename with an absolute path to edit a specified file.

A demonstration exploit URL is provided:

https://mywebminserver:10000/dansguardian/edit.cgi?file=[FILE]

The vendor credited 'FIST - flashsecurity' with reporting this flaw.

Impact:   A remote authenticated user can view and edit arbitrary files on the target system.
Solution:   The vendor has released a fixed version (0.5.9), available at:

http://sourceforge.net/project/showfiles.php?group_id=51969

Vendor URL:  sourceforge.net/tracker/index.php?func=detail&aid=869509&group_id=51969&atid=465236
Cause:   Access control error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)

Message History:   None.
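
The flaw class described above, a 'file' parameter accepted with an absolute path, is closed by canonicalizing the requested path and confining it to the directory the module is meant to manage. The following Python example is added here for illustration and is not the vendor's 0.5.9 fix or code from the module; the base directory /etc/dansguardian and the names resolve_editable, audit and PathRejected are assumptions.

```python
import os

# Assumption: directory holding the files the module is meant to edit.
ALLOWED_BASE = "/etc/dansguardian"


class PathRejected(ValueError):
    """Raised when a requested file falls outside the allowed directory."""


def resolve_editable(file_param, base=ALLOWED_BASE):
    """Return the canonical path for file_param, or raise PathRejected."""
    if not file_param or "\x00" in file_param:
        raise PathRejected("empty or NUL-containing file parameter")
    base_real = os.path.realpath(base)
    # os.path.join() drops base_real when file_param is absolute, so an
    # absolute path is resolved as given and then fails the check below.
    candidate = os.path.realpath(os.path.join(base_real, file_param))
    # realpath() has already collapsed ".." and followed symlinks, so the
    # comparison is made on the file that would really be opened.
    if candidate == base_real or os.path.commonpath([base_real, candidate]) != base_real:
        raise PathRejected("outside %s: %r" % (base_real, file_param))
    return candidate


def audit(params, base=ALLOWED_BASE):
    """Map each file parameter to 'allow' or 'reject'."""
    verdicts = {}
    for p in params:
        try:
            resolve_editable(p, base)
            verdicts[p] = "allow"
        except PathRejected:
            verdicts[p] = "reject"
    return verdicts


if __name__ == "__main__":
    # Constructed sample inputs, not taken from the advisory.
    samples = ["bannedsitelist", "/etc/shadow", "../../etc/passwd", "lists/../bannedurllist"]
    for param, verdict in audit(samples).items():
        print("%-28s %s" % (param, verdict))
```

The check runs on the resolved path rather than on the raw string, so absolute paths, ".." sequences and symlinks inside the base directory are all judged by the file that would actually be opened.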


 Source Message Contents

Subject:  http://sourceforge.net/tracker/index.php?func=detail&aid=869509&group_id=51969&atid=465236


http://sourceforge.net/tracker/index.php?func=detail&aid=869509&group_id=51969&atid=465236

In bug #869509 it was reported that the DansGuardian 'edit.cgi' script can read arbitrary 
files on the system.

The report was submitted by 'FIST - flashsecurity'.

A demonstration exploit URL is provided:

https://mywebminserver:10000/dansguardian/edit.cgi?file=[FILE]


 > Date: 2004-01-07 14:39

 > Fixed in CVS. Fixed file is also attached. Version 0.5.9
 > will be released later this week with fix included. Thanks
 > for finding this!





 
 

