IHS

Google Search: filetype:cgi inurl:tseekdir.cgi

ujen rates this entry 4 out of 10.
Submitted: 2004-09-21 00:00:00
Added by: ujen
Hits: 1934
Score: 4

The Turbo Seek search engine has a vulnerability. The removed user can look at the contents of files on target. A removed user can request an URL with name of a file, which follows NULL byte (%00) to force system to display the contents of a required file, for example:/cgi-bin/cgi/tseekdir.cgi?location=/etc/passwd%00/cgi-bin/tseekdir.cgi?id=799*location=/etc/passwd%00 More: http://www.securitytracker.com/alerts/2004/Sep/1011221.html

Comments:

Donor Wall
Donate to the Wall

Donation Amount:
(Currency: USD)

Repeat Donation: x

Put my Donation on the Recognition Wall

Show on Wall:

Name:

Email:

Website:

Comments:

Write your comment within 199 characters.
Donor Cloud
Finanz-Duell LVM Berlin Tanzen Berlin Webdesign Berlin
Donate, get linked, feed a child!
All proceeds go directly to our Kenya food for work program.

USD

Click here to learn more about the donor cloud.
Donations

Make a general donation

Or Support the Longs directly!
Member Login
Username:
Password:
Remember me
- Lost your password?
- Subscribe

Home of Johnny Long and Hackers for Charity, Inc

Donor Wall

Donate to the Wall

Donations

Recent Comments

IHS

Home of Johnny Long and Hackers for Charity, Inc

Donor Wall

Donate to the Wall

Donations

Member Login

Recent Comments