Problhma Security ...

[The Reverant]

Poli sinithismeni epithesi einai me to PHF pou brisketai sto /cgi-bin/. Dinontas
p.x. kapoios www.host.com/cgi-bin/phf?Qalias=x%0acat%20/etc/passwd mporei na dei
to passwd file mesa apo ton browser tou an exeis Apache. Apo ekei kai pera,
mporei na ektelesei suid programattakia (p.x. suid bash me allagmena onomata se
directory pou exei ftiaksei o idios.)


>
> >> Exw ena 486 PC me RedHat poy kanei host web pages kapoias mikrhs
> >> etaireias. Prin apo ligo kairo to eixan xakeriasei, eixan parei kai
> >> allaksei passwords, etc. To ksanaesthsa me Redhat 5.1 (paliotera eixe
> >> to 4.1) kai shmera ksanaegine h zhmia ...
> >> An kapoios exei antimetwpisei paromoio problhma, poia nomizei oti
> >> einai h kalyterh lysh gia to problhma.
> >> Tha lythei me firewalling, 'h isws me kati pio aplo / diaforetiko ?
>
>
>
> ====================================================================
> Gia boithia (h na diagrafhte) e-mail sto majordomo at hellug.gr
> Ta archives tis listas einai sto http://lists.hellug.gr
> prin steilete kapoia erothsh psakte mipos exei hdh apanththei.
> Gia opoiodipote problima stilte e-mail ston owner-linux-greek-users
> ====================================================================

--
====================================================================
Gia boithia (h na diagrafhte) e-mail sto majordomo at hellug.gr
Ta archives tis listas einai sto http://lists.hellug.gr
prin steilete kapoia erothsh psakte mipos exei hdh apanththei.
Gia opoiodipote problima stilte e-mail ston owner-linux-greek-users
====================================================================