On 13/12/2011 10:02 AM, Bart Trojanowski wrote:
> 2011/12/13 Jean-François Bilodeau <jfbilod...@chronogears.com>
>
>     May I recommend that instead of banning, you close the security hole?
>     Disable whatever is allowing content access via ?xxx=.
>
>
> Doesn't that mean stopping apache?
>
> I am not a web developer by any means, but I think you can pass a 
> ?xxx= request to index.html.  Since the .html is not dynamic, it will 
> just ignore the ?xxx= part.
>
> -Bart

It should, but if the probe was successful with 
/?file=../../../../../../proc/self/environ%00, that tells me that the 
index may be a script (i.e., index.php instead of index.html).

Another possibility is that the query string was indeed ignored, and 
there is no security hole.

Jeff: have you tried the /?file=../../../../../../proc/self/environ%00 
URL? Did that return anything unwanted?

J-F
_______________________________________________
Linux mailing list
Linux@lists.oclug.on.ca
http://oclug.on.ca/mailman/listinfo/linux
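
Added example, not part of the original thread: one way to check from the Apache access log which of the two possibilities discussed above applies, by comparing the response size of each traversal probe against the size of the same page requested with no query string. The log lines are constructed samples, and the verdict names and the `triage` helper are assumptions of this example; a matching size only suggests the query string was ignored, since a dynamic page can vary in length.

```python
import re
from urllib.parse import urlsplit, unquote

# Apache common/combined log prefix:
# host ident user [time] "METHOD target PROTO" status bytes
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) (\d+|-)')

# Constructed sample lines (documentation IP ranges) showing the three outcomes.
SAMPLE = """\
192.0.2.10 - - [13/Dec/2011:09:00:01 -0500] "GET / HTTP/1.1" 200 5120
198.51.100.7 - - [13/Dec/2011:09:01:12 -0500] "GET /?file=../../../../../../proc/self/environ%00 HTTP/1.1" 200 5120
198.51.100.8 - - [13/Dec/2011:09:02:40 -0500] "GET /?file=../../../../../../proc/self/environ%00 HTTP/1.1" 200 812
198.51.100.9 - - [13/Dec/2011:09:03:05 -0500] "GET /?file=../../../../../../proc/self/environ%00 HTTP/1.1" 403 209
"""

def parse(text):
    """Yield (host, target, status, size) for each line that matches LINE."""
    for raw in text.splitlines():
        m = LINE.match(raw)
        if m:
            host, _method, target, status, size = m.groups()
            yield host, target, int(status), 0 if size == "-" else int(size)

def is_traversal_probe(target):
    # Decode first so %00 and percent-encoded ../ forms are also caught.
    query = unquote(urlsplit(target).query)
    return "../" in query or "\x00" in query

def triage(text):
    rows = list(parse(text))
    # Baseline: body sizes of 200 responses for each path with no query string.
    baseline = {}
    for _, target, status, size in rows:
        parts = urlsplit(target)
        if status == 200 and not parts.query:
            baseline.setdefault(parts.path, set()).add(size)
    findings = []
    for host, target, status, size in rows:
        if not is_traversal_probe(target):
            continue
        if status != 200:
            verdict = "rejected"        # server refused the request
        elif size in baseline.get(urlsplit(target).path, ()):
            verdict = "ignored"         # same body as the plain page
        else:
            verdict = "investigate"     # body differs from the baseline
        findings.append((host, verdict))
    return findings
```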