Big Brother file browsing Vulnerability

Big Brother is a loosely-coupled distributed set of tools for monitoring and displaying the current status of an entire network and notifying the admin should need be. A vulnerability in the CGI script bb-hist.sh, the new history viewer, can be exploited to allow the partial display of local files provided they are readable by the user id CGI scripts are executed under by the web server, and that they are text based.


 

Privacy Statement
Copyright 2010, SecurityFocus