Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 22 May 2013 12:50:18 -0400
From: The Doctor <drwho@...tadpt.net>
To: oss-security@...ts.openwall.com
Subject: Re: Fwd: [Full-disclosure] Thttpd 2.25b Directory
 Traversal Vulnerability

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 05/22/2013 09:29 AM, Vitezslav Cizek wrote:

> Are you sure? I fail to reproducet the problem.
> 
> How do you use lynx? Do you prepend "http://" to the url? Otherwise
> lynx won't connect over network and will default to local
> filesystem.
> 
> For example: $ lynx -dump "google.com:80/../../../../etc/passwd" 
> wil get you you're local /etc/passwd

For what it's worth, I'm getting the same results with the same
version of thttpd.

$ lynx -dump drwho.virtadpt.net:80/../../../../../../../../etc/passwd
root:*:0:0:Charlie &:/root:/bin/ksh
daemon:*:1:1:The devil himself:/root:/sbin/nologin
operator:*:2:5:System &:/operator:/sbin/nologin
bin:*:3:7:Binaries Commands and Source,,,:/:/sbin/nologin
smmsp:*:25:25:Sendmail Message Submission
Program:/nonexistent:/sbin/nologin
popa3d:*:26:26:POP3 Server:/var/empty:/sbin/nologin
sshd:*:27:27:sshd privsep:/var/empty:/sbin/nologin
...blah blah blah...

versus:

$ lynx -dump
http://drwho.virtadpt.net:80/../../../../../../../../etc/passwd

                                  Bad Request

   Your browser sent a request that this server could not understand.

- -- 
The Doctor [412/724/301/703] [ZS]
Developer, Project Byzantium: http://project-byzantium.org/

PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F  DD89 3BD8 FF2B 807B 17C1
WWW: https://drwho.virtadpt.net/

"Am I missing an eyebrow?"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlGc90oACgkQO9j/K4B7F8GgcQCgrgdV2puuyGh7P3t8tIaqRIXx
xHQAoNRvkLreR5OOFukhEsiUFLtUy/V3
=n8K3
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.