lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu Oct 13 12:35:57 2005 From: Thierry at sniff-em.com (Thierry Zoller) Subject: WRT54G directory trasversial vulnerability Dear Shell, S> http://192.168.1.1/apply.cgi?action=../ S> It loads the page after action S> http://192.168.1.1/apply.cgi?action=../ returns the setup page S> http://192.168.1.1/apply.cgi?action=../blah returns that the file does not exist Could be reproduced while being autheticated. -- Mit freundlichen Gr??en Thierry Zoller mailto:Thierry@...ff-em.com