COMMAND

wwwoffle remote privilege escalation

SYSTEMS AFFECTED

7.1, 7.2, 7.3, 8.0

PROBLEM

In SuSE security announcement [SuSE-SA:2002:029]:

The WWWOFFLE, World Wide Web Offline Explorer, program suite acts as an HTTP, FTP and Finger proxy to allow users with dial-up access to the internet to do offline WWW browsing. The parsing code of wwwoffled that processes HTTP PUT and POST requests fails to handle a Content Length value smaller than -1. It is believed that an attacker could exploit this bug to gain remote wwwrun access to the system wwwoffled is running on.

SOLUTION

As a temporary workaround, the wwwoffle daemon can be disabled the following way (as root):

    rcwwwoffle stop

If wwwoffled is started at boot time, you have to modify your boot scripts too.

Get the SuSE patch for your platform from [ftp://ftp.suse.com]; patches are available.
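
The PROBLEM section describes request parsing that does not handle a Content Length value smaller than -1. The following C function is an added example, not code from wwwoffle or from the SuSE announcement, showing strict validation of that header value before any body is read; the function name parse_content_length and the MAX_BODY_BYTES limit are assumptions made for the illustration.

```c
#include <errno.h>
#include <stdlib.h>

/* Assumed policy limit for this example: largest request body accepted. */
#define MAX_BODY_BYTES (16L * 1024L * 1024L)

/*
 * Parse the value of a Content-Length header strictly.
 * Returns 0 and stores the length in *out on success; returns -1 for any
 * malformed, negative, overflowing or over-limit value. A caller that gets
 * -1 should reject the request instead of sizing a buffer or read loop
 * from the value.
 */
int parse_content_length(const char *value, long *out)
{
    const char *p = value;
    char *end;
    long n;

    if (value == NULL || out == NULL)
        return -1;

    /* Skip optional whitespace before the value. */
    while (*p == ' ' || *p == '\t')
        p++;

    /* First character must be a digit: rejects "-1", "-2", "+5" and "". */
    if (*p < '0' || *p > '9')
        return -1;

    errno = 0;
    n = strtol(p, &end, 10);
    if (errno == ERANGE)          /* value does not fit in a long */
        return -1;

    /* Only trailing whitespace may follow the digits. */
    while (*end == ' ' || *end == '\t' || *end == '\r' || *end == '\n')
        end++;
    if (*end != '\0')
        return -1;

    if (n > MAX_BODY_BYTES)       /* enforce the assumed upper bound */
        return -1;

    *out = n;
    return 0;
}
```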