[<prev] [next>] [month] [year] [list]
Date: Mon, 05 Feb 2007 19:53:43 -0800
From: Chris Travers <chris@...atrontech.com>
To: bugtraq@...urityfocus.com
Subject: Unofficial SQL-Ledger patch for CVE-2007-0667
This patch was made against SQL-Ledger 2.6.18 but just modifies a few
lines in the redirect() function in the Form.pm. I have decided that it
is probably best to release the patch and then wait a while before
releasing full disclosure. The author of SQL-Ledger has declined to use
this patch.
Best Wishes,
Chris Travers
diff -C3 -r sql-ledger-orig/SL/Form.pm sql-ledger/SL/Form.pm
*** sql-ledger-orig/SL/Form.pm 2007-02-05 18:20:34.000000000 -0800
--- sql-ledger/SL/Form.pm 2007-02-05 18:23:06.000000000 -0800
***************
*** 311,318 ****
if ($self->{callback}) {
! my ($script, $argv) = split(/\?/, $self->{callback});
! exec ("perl", $script, $argv);
} else {
--- 311,327 ----
if ($self->{callback}) {
! my ($script, $argv) = split(/\?/, $self->{callback});
! foreach (qw/admin.pl login.pl am.pl ap.pl ar.pl bp.pl ca.pl
! cp.pl ct.pl menu.pl gl.pl hr.pl ic.pl ir.pl
! is.pl jc.pl oe.pl pe.pl ps.pl rc.pl rp.pl/) {
! if ($_ =~ /(?:custom_)?$script/) {
! exec ("perl", $script, $argv);
! }
! }
! # $script not in whitelist
! $self->error('Access Denied!')
!
} else {
begin:vcard
fn:Chris Travers
n:Travers;Chris
email;internet:chris@...atrontech.com
tel;work:509-888-0220
tel;cell:509-630-7794
x-mozilla-html:FALSE
version:2.1
end:vcard
Hosted by DataForce ISP -
Powered by Openwall GNU/*/Linux