[ic] Security Problem in Interchange

Stefan Hornburg racke at linuxia.de
Mon Mar 29 10:45:00 EST 2004


On Mon, 29 Mar 2004 08:25:14 -0700
"Barry Treahy, Jr." <Treahy at mmaz.com> wrote:

> Stefan Hornburg wrote:
> 
> >Dear Interchange community !
> >
> >All versions of Interchange (4.8.x, 5.0.x, 5.1.x) contain a security hole
> >which allows an attacker to expose arbitrary variable contents by using
> >an URL like http://shop.example.com/cgi-bin/store/__SQLUSER__. 
> >
> >All Interchange applications using the standard "missing" special page
> >from the demo catalog or a similar one are vulnerable to this attack.
> >The attacker may learn the SQL access information for your Interchange
> >application and use this information to read and manipulate sensitive
> >data. 
> >
> >Attached are patches for the following Interchange versions:
> >
> >4.8.x:     Page-4.8.diff
> >  
> >
> I manually applied this patch to the 4.8.6 system I have running, 
> restarted IC, flushed my browser cache and still seeing the same 
> results...  any thoughts?

I'll investigate this. Do you see an error message in your global
log file ?

	Racke

-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



More information about the interchange-users mailing list