Monkey Http Daemon

To: "Mr. Bugtraq" <bugtraq@xxxxxxxxxxxxxxxxx>
Subject: Monkey Http Daemon
From: Martin <broadcast@xxxxxxxxxxxxx>
Date: Wed, 04 Jun 2003 21:17:05 -0300
Delivered-to: zerbey@localhost.horry.org
Delivered-to: mailing list bugtraq@securityfocus.com
Delivered-to: moderator for bugtraq@securityfocus.com
Delivery-date: Thu, 05 Jun 2003 20:25:29 +0100
Envelope-to: zerbey@wibble.co.uk
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@securityfocus.com; run by ezmlm
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.3.1) Gecko/20030527 Debian/1.3.1-2

<x-flowed>

After reading the PHP XSS "exploit" (I dont know if it qualifies as one)in phpinfo(), I found out that on the default page of the Monkey HttpDaemon, there is a Test of Supports section. Two links are included:

http://whateverhost/php/index.php
and
http://whateverhost/cgi-bin/test.pl

index.php just contains 'echo phpinfo(); '

Also, test.pl doesnt check for valid input on the forms, so you caninclude HTML code, etc. Pretty useless, I know, but I've been readingposts about this kind of stuff, so I thought i would throw in this.Found this on the version 0.7.1 version, the latest one i found onfreshmeat.net. I havent contacted the author since I dont know if thisis really a big deal or not.


Well, sorry for bothering and I hope I dont get flamed or anything

</x-flowed>

Prev by Date: Solaris syslogd overflow
Next by Date: Re: Tripbit Advisory TA-2003-05 Buffer Overflow Vulnerability in Pi3 Web Server v2.0.2 Beta 1
Previous by thread: Solaris syslogd overflow
Next by thread: Re: Tripbit Advisory TA-2003-05 Buffer Overflow Vulnerability in Pi3 Web Server v2.0.2 Beta 1
Index(es):
- Date
- Thread