[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: qDefense Advisory: DCForum allows remote read/write/execute

To: BUGTRAQ@SECURITYFOCUS.COM
Subject: Re: qDefense Advisory: DCForum allows remote read/write/execute
From: MegaZone <megazone@MEGAZONE.ORG>
Date: Wed, 18 Apr 2001 20:40:49 -0000

> Solution:
> 
> Patch dcboard.cgi to remove double dots and
poison nulls
> 
> Disable uploading

Note that DCScripts released a security patch on
3/31/2001 designed to address these issues:

http://www.dcscripts.com/FAQ/sec_2001_03_31.html

-MZ

Prev by Date: Re: PIX Firewall 5.1 DoS Vulnerability
Next by Date: Re: OpenBSD 2.8 ftpd/glob exploit (breaks chroot)
Prev by thread: Re: PIX Firewall 5.1 DoS Vulnerability
Next by thread: Oracle8 denial of service
Index(es):
- Date
- Thread