
Title: Bug in Pagelog.cgi by Metertek
Released by: Mark Stratman
Date: 30th October 2000
There is a small bug in PAGELOG.cgi by Metertek (Metertek@yahoo.com) which allows users to create and view files.

Any file on the system with a '.log' extension readable by the uid/gid of the webserver can be viewed. In addition, two files with extensions of '.txt' and '.log' can be created in any directory on the system that is writable by the web server.

This bug lies in the failure of the script to check for directory


Proofs of concept:

Viewing '.log' file:

Create a file 'a.log' in tmp.


This will let you view a.log

Creating files:


This will create blah.txt and blah.log in /tmp/

The script can be found at http://members.nbci.com/metertek/archive/


Mark Stratman (count0)
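
The effect described in the advisory ('.log' and '.txt' files resolved in any directory the web server can reach) is what results when a user-supplied name is joined to a data directory without validation. The Python example below is added here and is not Pagelog.cgi's code or part of the advisory; `LOG_DIR`, the function names and the sample names are assumptions made for illustration.

```python
import os
import re

LOG_DIR = "/var/www/pagelog/data"  # hypothetical data directory (assumption)
NAME_RE = re.compile(r"[A-Za-z0-9_-]{1,64}")  # no dots, slashes or NUL bytes
EXTENSIONS = (".txt", ".log")  # the two extensions named in the advisory


def naive_paths(name, base=LOG_DIR):
    """Unchecked join: directory components in `name` are honoured."""
    return [os.path.normpath(os.path.join(base, name + ext)) for ext in EXTENSIONS]


def is_confined(paths, base=LOG_DIR):
    """True only if every path, once resolved, stays under `base`."""
    base_real = os.path.realpath(base)
    return all(
        os.path.commonpath([base_real, os.path.realpath(p)]) == base_real
        for p in paths
    )


def safe_paths(name, base=LOG_DIR):
    """Return the .txt/.log paths for `name`, or raise ValueError."""
    # First check: allow-list the name itself, so no separators or dots survive.
    if not NAME_RE.fullmatch(name):
        raise ValueError("invalid log name: %r" % name)
    base_real = os.path.realpath(base)
    paths = [os.path.join(base_real, name + ext) for ext in EXTENSIONS]
    # Second check: the resolved path (symlinks included) must stay under base.
    if not is_confined(paths, base):
        raise ValueError("path escapes log directory: %r" % name)
    return paths


if __name__ == "__main__":
    # Constructed sample names, not taken from the advisory.
    for sample in ("access", "../../../../tmp/blah", "/tmp/blah", "a.b"):
        try:
            print(repr(sample), "->", safe_paths(sample))
        except ValueError as err:
            print(repr(sample), "-> rejected:", err)
```
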


