[VIM] WebAPP Audit
George A. Theall
theall at tenablesecurity.com
Tue Mar 20 11:31:08 UTC 2007
On 03/20/07 07:01, security curmudgeon wrote:
> As most of you may have noticed, WebAPP has gone under a fairly heavy
> audit and the changelog for 0.9.9.5:
...
> I'm a bit curious who the 'professionals' were that did the audit
> leading to 0.9.9.6 and the details of the subsequent exploit.
I was looking at this last week. It seems like the WebAPP project has
forked, with two groups bickering over control. The people maintaining
webapp.net has been suggesting that the code as maintained by webapp.org
can be abused to compromise a system.
The maintainer of webapp.org solicited help from members of
blackcode.com, who I suspect are the "security professionals" refered to
in the advisory. Follow the fun here:
http://newbc.blackcode.com/forum/index.php?t=msg&th=1167
I haven't had a chance to look into the latest patch, but I did find two
vectors by which an authenticated attacker could execute arbitrary code
in version 0.9.9.5, but that's subject to the privileges of the web
server user id.
George
--
theall at tenablesecurity.com
More information about the VIM
mailing list