hi,all
I have got several questions here,and maybe you can give me some advice.
What I am trying to do is write a product which can communicate with ODBC Socket
Server,
a win32 server application that allow applications to have access to Data Sources
managed by Windows ODBC
DataSource
Found vulnerability: retrieve a full path to local files in Zope.
---[ Example 1 (Linux):
telnet www.zope.org 80
PROPFIND / HTTP/1.0
F
G
H
J
K
L
HTTP/1.0 500 Internal Server Error
Server: Zope/Zope 2.3.2 (source release, python 1.5.2, linux2) ZServer/1.1b1
Date: Mon, 10 Sep 2001 15:38:59 GMT
C
Do others consider this a vulnerability? While it reveals more
information than people might want, I'm curious about scenarios under
which it could be exploited.
If any of you know of something *specific*, meaning it's a genuinely
exploitable vulnerability, please email me or Brian Lloyd
([
I just took a look at ODBC Socket Server, which I had never seen before.
Pretty interesting! Here's some comments.
1) It looks like socket server opens a new socket for processing every
request. In this respect, it goes against one of the benefits of
database adapters, which keep a persis
On Sun, Sep 23, 2001 at 10:36:33AM -0400, Paul Everitt wrote:
>
> Do others consider this a vulnerability? While it reveals more
> information than people might want, I'm curious about scenarios under
> which it could be exploited.
>
> If any of you know of something *specific*, meaning it's
Example:
http://www.zope.org/Documentation/alert(document.domain)
http://www.zope.org/lalalalalalert(document.domain)
http://www.zope.org/alert(document.cookie)
For example, an attacker might post a message like
Hello message board. This is a message.
malicious code
> Do others consider this a vulnerability?
Yup... especially given the hard-coded (sigh) error page returned for
authentication error gives out this information :-(
Chris
___
Zope-Dev maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/list
> Hello message board. This is a message.
>malicious code
> This is the end of my message.
I don't really see your point other than a carelessly implemented app may
expose these kind of vulnerabilities. Python (and hence Zope) has a library
for stripping out this s
Vulnerability: attacking can get file list and directory
Tested on Win32 platform
Example:
telnet zopeserver 8080
PROPFIND / HTTP/1.0
< list files and directory >
This tested on my site:
security.instock.ru 8080
___
Zope-Dev maillist - [EMAIL P
Joachim Werner wrote:
[snip]
> What I haven't found on the CVS site yet is anything about peer-reviewing
> contributions before they go into the main tree. While I sometimes have the
> feeling that there are fixes from ZC people that should NOT have made it
> into a release, there are many patche
Aargh,
I sent that first to [EMAIL PROTECTED] ...
>> Hello message board. This is a message.
>>malicious code
>> This is the end of my message.
> I don't really see your point other than a carelessly implemented app may
> expose these kind of vulnerabilities. Pyt
Haven't we been complaining about this automatic appending of tracebacks for
a while? To me this is what log files are for but Im not sure what this
guy is on. I wouldnt count this as a "security vulnerability".
- Original Message -
From: "Chris Withers" <[EMAIL PROTECTED]>
To: "Paul
What does this have to do with Zope? Its down to an individual application.
- Original Message -
From: "ALife" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, September 23, 2001 10:23 AM
Subject: [Zope-dev] New: Cross Site Scripting vulnerability
>
> Example:
>
> http://www
> I imagine that the group will decide rules on peer reviewing. For
> comparison, the Mozilla group has very elaborate rules for checkins,
> while Python has pretty much an innocent until proven guilty culture.
> (That is, you check something in, and if somebody complains, it gets
> removed.)
>
> Example:
>
> http://www.zope.org/Documentation/alert(document.domain)
> http://www.zope.org/lalalalalalert(document.domain)
> http://www.zope.org/alert(document.cookie)
>
> For example, an attacker might post a message like
>
> Hello message board. This is a message.
>ma
> Vulnerability: attacking can get file list and directory
> Tested on Win32 platform
>
> Example:
> telnet zopeserver 8080
> PROPFIND / HTTP/1.0
>
>
>
>
> < list files and directory >
>
> This tested on my site:
> security.instock.ru 8080
This one really seems to be the old "WebDAV is not sa
16 matches
Mail list logo
