[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] Security hole in Confixx backup script

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: [Full-Disclosure] Security hole in Confixx backup script
From: Dirk Pirschel <dirk@xxxxxxxxxxx>
Date: Fri, 25 Jun 2004 15:08:34 +0200

Hi,

I found a security hole in Confixx.  A malicious backup request via the
webinterface might be used by any user to read files located in /root
(which is the default installation directory of confixx).

The most interesting files you can retrieve with this attack are:
  /root/confixx/safe/shadow.tmp
  /root/confixx/safe/shadow_header
These files are used to build /etc/shadow, i.e. they contain all
(encrypted) passwords used on this host.

SWSoft has been informed yesterday at 22:30 (CET).

If you are using confixx, you should disable the backup script.

-Dirk

-- 
Linux - The choice of a GNU generation

Attachment: pgp00072.pgp
Description: PGP signature

Prev by Date: Re: [Full-Disclosure] VX: Old worm in new shoes (AntiQFX)
Next by Date: Re: [Full-Disclosure] defamatory joe job attack by botnet
Previous by thread: RE: [Full-Disclosure] VX: Old worm in new shoes (AntiQFX)
Next by thread: Re: [Full-Disclosure] New malware to infect IIS and from there jump to clients
Index(es):
- Date
- Thread