EEVblog Electronics Community Forum
A Free & Open Forum For Electronics Enthusiasts & Professionals
Welcome,
Guest
. Please
login
or
register
.
Did you miss your
activation email
?
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
This topic
This board
Entire forum
Google
Bing
Home
Help
Search
About us
Links
Login
Register
EEVblog Electronics Community Forum
»
EEVblog
»
EEVblog Specific
»
Security issue on eevblog.com
« previous
next »
Print
Search
Pages: [
1
]
Go Down
Author
Topic: Security issue on eevblog.com (Read 2617 times)
0 Members and 1 Guest are viewing this topic.
azrimola
Contributor
Posts: 12
Security issue on eevblog.com
«
on:
January 17, 2012, 11:20:47 pm »
Hello,
if you visit
http://www.eevblog.com/page/2/
and have a look at the bottom link pointing to either "« Older Entries" or "Newer Entries »" you will see that there is an extra URL parameter appended to both of the links.
One example of such link is:
http://www.eevblog.com/page/3/?file=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron%00
This at least indicates a failed attempt of running an exploit described here:
http://www.thesecuritysamurai.com/2011/02/24/the-procselfenviron-vulnerability-by-cesar-salas-stillsecure-soc-analyst/
Logged
EEVblog
Administrator
Posts: 37740
Country:
Re: Security issue on eevblog.com
«
Reply #1 on:
January 18, 2012, 12:45:08 am »
Thanks
Yes, I am aware of this and need to look into how to fix it.
Dave.
Logged
Print
Search
Pages: [
1
]
Go Up
« previous
next »
Share me
Smf
EEVblog Electronics Community Forum
»
EEVblog
»
EEVblog Specific
»
Security issue on eevblog.com
There was an error while thanking
Thanking...
EEVblog Main Site
EEVblog on Youtube
EEVblog on Twitter
EEVblog on Facebook
EEVblog on Odysee