BugTraq
A security vulnerability in S8Forum Jan 05 2003 11:26AM
nmsh_sa canada com (1 replies)
Re: A security vulnerability in S8Forum Jan 07 2003 03:20AM
steve Watt COM (Steve Watt) (1 replies)
In article <20030105032650.16087.h011.c009.wm (at) mail.canada.com.criticalpath (dot) net [email concealed]> you write:
[ snip ]
>SOLUTION :
>==========
[ snip ]
> if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z
]{2,3})$",
>$email) && $email !=
>"") {

Please note that there are many more characters valid in the LHS of an
email address, for example +, that are often desirable. Disallowing
such addresses is a major nuisance. A beautiful example is the useful
feature in sendmail that allows user+whatever (at) dom (dot) ain [email concealed], which allows
users to invent infinite variations on their email address for tracking
spam database propagation.

In this particular application, the error is more widespread than the
fix you cite -- if you're going to allow random users to control file
names on your system, you certainly shouldn't put the contents somewhere
that a web server can directly find it.

That bit of software seems to need a major review.

--
Steve Watt KD6GGD PP-ASEL-IA ICBM: 121W 56' 57.8" / 37N 20' 14.9"
Internet: steve @ Watt.COM Whois: SW32
Free time? There's no such thing. It just comes in varying prices...

[ reply ]
Re: A security vulnerability in S8Forum Jan 08 2003 06:18PM
David Wilson (David Wilson isode com)


 

Privacy Statement
Copyright 2010, SecurityFocus