Complete.Org: Mailing Lists: Archives: freeciv-dev: May 2002:
[Freeciv-Dev] Re: [Metaserver] scripting security hole (PR#1424)

[Freeciv-Dev] Re: [Metaserver] scripting security hole (PR#1424)

[Top] [All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]

To:	freeciv-dev@xxxxxxxxxxx
Cc:	bugs@xxxxxxxxxxxxxxxxxxx
Subject:	[Freeciv-Dev] Re: [Metaserver] scripting security hole (PR#1424)
From:	Stefan Schnetter <Schnetter@xxxxxxx>
Date:	Wed, 1 May 2002 10:29:47 -0700 (PDT)

> This is causing the browser to make a request for the file, so you will
> only be able to force it to grab files it can already grab.
You can readout e.g. Mozilla stored password file (or something else) of
every visitor and send it anywhere. My test exploit just display files (and it
dont work because it dont execute local).
 
> The metaserver shouldn't allow tags, but this isn't a security problem.
I am not a script kiddie or a security expert so i dont know an other
exploit that can really make damage.

It is possible to abuse it and if someone knows a danger exploit e.g. that
access server files - then it is a security problem.

I just tested php and it dont execute.

-- 
GMX - Die Kommunikationsplattform im Internet.
http://www.gmx.net

[Prev in Thread]

Current Thread

[Next in Thread]

[Freeciv-Dev] Re: [Metaserver] scripting security hole (PR#1424), Stefan Schnetter <=
- [Freeciv-Dev] Re: [Metaserver] scripting security hole (PR#1424), Reinier Post, 2002/05/02
- [Freeciv-Dev] Re: [Metaserver] scripting security hole (PR#1424), Reinier Post, 2002/05/14

Prev by Date: [Freeciv-Dev] Re: [Metaserver] scripting security hole (PR#1424)
Next by Date: [Freeciv-Dev] Re: [Metaserver] scripting security hole (PR#1424)
Previous by thread: [Freeciv-Dev] Possible abuse with allowconnect/multiple controlling connections (PR#1426)
Next by thread: [Freeciv-Dev] Re: [Metaserver] scripting security hole (PR#1424)
Index(es):
- Date
- Thread