[m6w6/m6w6.github.io] / _posts / 2004-09-12-hordechora-major-vulnaribility.md
---
title: HORDE::Chora major vulnerability
author: m6w6
tags:
- PHP
---

If you're running Horde's Chora **1.2** you should immediately upgrade your
Horde installation or temporarily disable CVS access through HTTP.


### Unfiltered $_GET as shell argument
At a quick glance, scripts like _diff.php_ appear to pass unfiltered $_GET
parameters straight through as shell command arguments, which allows any
remote user to execute arbitrary commands as the web server user.

A request like ~~<http://cvs.your.host/>...~~ will reveal the process list of
the machine.

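The mechanism behind the hole, as an added example that is not Chora's own code: a request parameter interpolated into a command string is parsed by the shell, so a value carrying `;` or a backtick runs a second command. The function names, the parameter names (`r1`, `r2`, `f`), the repository path and the `cvs rdiff` layout are assumptions for illustration; Chora's real `diff.php` is laid out differently. The hardened variant validates each parameter against the shape it must have and then quotes it with `escapeshellarg()`, so nothing from the request is ever parsed by the shell.

```php
<?php
// Added example (not Chora's code). Parameter names, command layout and
// repository path are assumptions chosen to illustrate the bug class.

// Vulnerable pattern: $_GET values are interpolated straight into the
// command line. Any shell metacharacter in them (; | & ` $( ) etc.) is
// interpreted by /bin/sh and executed as the web server user.
function build_diff_command_unsafe(array $get): string
{
    $r1 = $get['r1'] ?? '';
    $r2 = $get['r2'] ?? '';
    $f  = $get['f']  ?? '';
    return "cvs -d /var/cvsroot rdiff -u -r $r1 -r $r2 $f";
}

// Hardened pattern: reject anything that is not a CVS revision number
// (dot-separated digits) or a plain repository path, then wrap each value
// in escapeshellarg() so the shell sees one literal word per argument.
function build_diff_command_safe(array $get): ?string
{
    $r1 = $get['r1'] ?? '';
    $r2 = $get['r2'] ?? '';
    $f  = $get['f']  ?? '';

    $revision = '/^\d+(\.\d+)+$/';
    if (!preg_match($revision, $r1) || !preg_match($revision, $r2)) {
        return null; // refuse: not a revision number
    }
    if (!preg_match('#^[A-Za-z0-9_./-]+$#', $f) || strpos($f, '..') !== false) {
        return null; // refuse: not a plain path inside the repository
    }
    return 'cvs -d /var/cvsroot rdiff -u -r ' . escapeshellarg($r1)
         . ' -r ' . escapeshellarg($r2) . ' ' . escapeshellarg($f);
}

// Constructed requests: one legitimate, one carrying a shell payload in
// the second revision parameter (stands in for whatever the real
// parameter is; the page does not name it).
$legit  = ['r1' => '1.1', 'r2' => '1.2',         'f' => 'module/file.c'];
$attack = ['r1' => '1.1', 'r2' => '1.2; ps aux', 'f' => 'module/file.c'];

echo build_diff_command_unsafe($legit), "\n";
echo build_diff_command_unsafe($attack), "\n";   // contains "; ps aux"
echo build_diff_command_safe($legit), "\n";
var_dump(build_diff_command_safe($attack));      // NULL: rejected
```

With the attack request, the unsafe builder yields `cvs -d /var/cvsroot rdiff -u -r 1.1 -r 1.2; ps aux module/file.c`; handed to `shell_exec()` or `passthru()`, the shell runs `ps aux` as a second command, which is exactly the process-list disclosure described above. The safe builder returns `null` for that request and, for the legitimate one, quotes every argument. Validation alone is not enough (a later change to the regex can reopen the hole) and quoting alone is not enough (a quoted but unvalidated `f` of `../../etc/passwd` is still a bad path), so do both; on newer PHP, passing an argument array to `proc_open()` avoids the shell entirely.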