[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Gnumed-devel] (no subject)

From: catmat
Subject: [Gnumed-devel] (no subject)
Date: Wed, 24 Nov 2004 10:31:31 +1100
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/20040913

looks like what a hacker has to do is to look at all the public applications at a web site, and then look at the download site of that application. If there is a recently updated application version, the hacker checks the security notices of that application version to see if there is an easy vulnerability to exploit.

+     # fix for Codev.SecurityAlertExecuteCommandsWithSearch
+     # vulnerability, search: "test_vulnerability '; ls -la'"
+     $theSearchVal =~ s/(^|[^\\])([\'\`])/\\$2/g;    # Escape ' and `
+     $theSearchVal =~ s/address@hidden(/$1\\\(/g;           # Defuse @( ... ) 
and $( ... )
+     $theSearchVal = substr($theSearchVal, 0, 1500); # Limit string length
     my $originalSearch = $theSearchVal;

It's pretty appalling that this vulnerability appears in a web application in 2004 , when in 2001 I attended a web design course which filled an auditorium ( > 300) , and they were all told to escape
all user input ,  especially if they are passing parameters to commands,
because of this type of vulnerability in web scripting languages.

What a sensational story ( maybe channel 7 will buy it?)

reply via email to

[Prev in Thread] Current Thread [Next in Thread]