I don't think that is a vulnerability.
The file /etc/master.passwd has read access for all users. Monitor can also
read it in a ssh session.
I you try that URL in a file with, let's say, 660 permissions you get a
blank page.
Regards
Jorge
-----Mensaje original-----
De: Jonas Eriksson [mailto:je (at) sekure (dot) net [email concealed]]
Enviado el: Miercoles, 23 de Abril de 2003 15:27
Para: bugtraq (at) securityfocus (dot) com [email concealed]
Asunto: Nokia IPSO Vulnerability
There is a remote security vulnerability in the Nokia IPSO operating
system.
Anyone with access to the webgui (Voyager) on the Nokia IP-box
can read any file on the system.
For example, login as the user 'monitor' (disabled by default)
and use the readfile.tcl to read any file:
The file /etc/master.passwd has read access for all users. Monitor can also
read it in a ssh session.
I you try that URL in a file with, let's say, 660 permissions you get a
blank page.
Regards
Jorge
-----Mensaje original-----
De: Jonas Eriksson [mailto:je (at) sekure (dot) net [email concealed]]
Enviado el: Miercoles, 23 de Abril de 2003 15:27
Para: bugtraq (at) securityfocus (dot) com [email concealed]
Asunto: Nokia IPSO Vulnerability
There is a remote security vulnerability in the Nokia IPSO operating
system.
Anyone with access to the webgui (Voyager) on the Nokia IP-box
can read any file on the system.
For example, login as the user 'monitor' (disabled by default)
and use the readfile.tcl to read any file:
http://x.x.x.x/cgi-bin/readfile.tcl?file=/etc/master.passwd
Tested on IPSO 3.6-FCS6
Regards,
Jonas Eriksson
http://sekure.net
[ reply ]