httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrew Wilson <and...@tees.elsevier.co.uk>
Subject Re: WWW Form Bug Report: "Security bug involving ScriptAliased directories" on Linux
Date Thu, 02 Nov 1995 16:36:16 GMT
> ack sent... I can't seem to replicate the problem, but I thought
> I would share it with group, just in case someone else can 
> replicate it.  
> 
> I've asked for specifications on the type of system being run on
> as well as which modules are being included.
> 
> 
> >X-POP3-Rcpt: awm@luers.qosina.com
> >From: craig@craigster.com
> >To: awm@qosina.com
> >Date: Wed Nov  1 17:28:44 1995
> >Subject: WWW Form Bug Report: "Security bug involving ScriptAliased
> directories" on Linux
> >
> >Submitter: craig@craigster.com
> >Operating system: Linux, version: 1.2.13
> >Extra Modules used: none
> >URL exhibiting problem: http://www.apache.org//cgi-bin/access_count
> >
> >Symptoms:
> >--
> >If someone puts an extra "/" in a URL that points to 
> >an executable file in a ScriptAliased directory, the 
> >SOURCE of a Perl script (or binary information for 
> >compiled programs) is output as plain text.  

Yuk, right.  Some weird interraction of the u+x code possibly.

Or perhaps...

> >The problem occurs in both Netscape and Lynx.
> >
> >Please respond ASAP, as this is a serious security 
> >issue for us and we're looking for a fix.  We have 
> >triple-checked our configuration files, and don't 
> >see any problems on our end.  The bug is even evident 
> >APACHE.ORG's server.

Shit.  Someone check this ASAP?  I think it's a showstopper.


Mime
View raw message