TUCoPS :: Web BBS :: etc :: uboard2.htm

UltraBoard 2000 Personal Edition 2.11 bad permissions 
Vulnerability

    UltraBoard cgi

Affected

    UltraBoard 2000 Personal Edition version 2.11

Description

    Mat  found   following.    In  default   installation,   following
    Directories  below  ub2k  cgi   installtion  directory  have   777
    permission.

        ./Private/Skins
        ./Private/Database
        ./Private/Backups

    You can add  some cgi scripts  to theses directories  and can gain
    webserver uid.

Solution

    chmod 755  `find <ub2k  cgi directory>  -perm 777`  where ub2k cgi
    directory is the directory where you installed ub2k cgi files.

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH