Bug#68418: marked as done (FWD: [ Hackerslab bug_paper ] ntop web mode vulnerabliity)
Your message dated Tue, 12 Sep 2000 22:13:19 +0200 (CEST)
with message-id <Pine.NEB.4.21.0009122207540.6856-100000@gaia.fachschaften.tu-muenchen.de>
and subject line These bugs are already fixed
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Darren Benham
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 2 Aug 2000 17:48:32 +0000
>From joey@kitenet.net Wed Aug 02 12:48:32 2000
Return-path: <joey@kitenet.net>
Received: from adsl-63-193-116-241.dsl.snfc21.pacbell.net (kitenet.net) [63.193.116.241] (postfix)
by master.debian.org with esmtp (Exim 3.12 2 (Debian))
id 13K2d6-0005KL-00; Wed, 02 Aug 2000 12:48:32 -0500
Received: by kitenet.net (Postfix, from userid 500)
id A127EBC037; Wed, 2 Aug 2000 10:48:28 -0700 (PDT)
Date: Wed, 2 Aug 2000 10:48:28 -0700
From: Joey Hess <joeyh@debian.org>
To: submit@bugs.debian.org
Cc: security@debian.org
Subject: FWD: [ Hackerslab bug_paper ] ntop web mode vulnerabliity
Message-ID: <20000802104828.K11452@kitenet.net>
Mail-Followup-To: Joey Hess <joeyh@debian.org>, submit@bugs.debian.org,
security@debian.org
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
User-Agent: Mutt/1.2i
Sender: joey@kitenet.net
Delivered-To: submit@bugs.debian.org
Package: ntop
Severity: grave
I have verified this bug report -- fixing it is my utter top priority,
but I'd be very happy if someone else fixes it first.
----- Forwarded message from root <root@DOGFOOT.HACKERSLAB.ORG> -----
From: root <root@DOGFOOT.HACKERSLAB.ORG>
Date: Wed, 2 Aug 2000 17:50:35 +0900
To: BUGTRAQ@SECURITYFOCUS.COM
Subject: [ Hackerslab bug_paper ] ntop web mode vulnerabliity
Reply-To: root <root@DOGFOOT.HACKERSLAB.ORG>
================================================================================
[ Hackerslab bug_paper ] ntop web mode vulnerabliity
================================================================================
Command : /sbin/ntop -w <port>
SYSTEM : N/A
INFO :
ntop - display top network users
-w
Starts ntop
in web mode. Users can attach their web
browsers to the specified port and browse traffic infor
mation remotely. Supposing to start ntop
at the port 3000
(ntop -w 3000), the URL to access is http://host;
name:3000/. The file ~/.ntop specifies the HTTP
user/password of those people who are allowed to access
ntop. If the ~/.ntop file is missing no security will be
used hence everyone can access traffic information. A
simple .ntop file is the following: # # .ntop File format
# # user<tab>/<space>pw # # luca linux Please note
that an HTTP server is NOT needed in order to use the
program in interactive mode.* 'bdf' program has SUID permission.
If use 'ntop' in web mode, it's web root is "/etc/ntop/html".
It's web mode is not check URL path.
So if URL is "http://URL:port/../../shadow";, remote user will read all file.
"everyone can access traffic information" !!!
If ntop use for public, anyone read all files.
==-------------------------------------------------------------------------------==
*********
* ** ** *
* ** ** *
* ******* *
* ** ** * dubhe@hackerslab.org
* ** ** * [ http://www.hackerslab.org ]
********* HACKERSLAB (C) since 2000
==-------------------------------------------------------------------------------==
----- End forwarded message -----
--
see shy jo
---------------------------------------
Received: (at 68418-done) by bugs.debian.org; 12 Sep 2000 20:13:23 +0000
>From bunk@fs.tum.de Tue Sep 12 15:13:23 2000
Return-path: <bunk@fs.tum.de>
Received: from nilpferd.fachschaften.tu-muenchen.de [::ffff:129.187.176.79]
by master.debian.org with smtp (Exim 3.12 1 (Debian))
id 13YwQk-0006rA-00; Tue, 12 Sep 2000 15:13:22 -0500
Received: (qmail 7321 invoked from network); 12 Sep 2000 20:13:19 -0000
Received: from gaia.fachschaften.tu-muenchen.de (129.187.176.73)
by nilpferd.fachschaften.tu-muenchen.de with SMTP; 12 Sep 2000 20:13:19 -0000
Date: Tue, 12 Sep 2000 22:13:19 +0200 (CEST)
From: Adrian Bunk <bunk@fs.tum.de>
X-Sender: bunk@gaia.fachschaften.tu-muenchen.de
To: 37508-done@bugs.debian.org, 50826-done@bugs.debian.org,
53519-done@bugs.debian.org, 53884-done@bugs.debian.org,
58447-done@bugs.debian.org, 60281-done@bugs.debian.org,
61629-done@bugs.debian.org, 62286-done@bugs.debian.org,
68418-done@bugs.debian.org, 68916-done@bugs.debian.org,
69363-done@bugs.debian.org, 70537-done@bugs.debian.org,
71097-done@bugs.debian.org, 71328-done@bugs.debian.org,
69842-done@bugs.debian.org, 70761-done@bugs.debian.org
Subject: These bugs are already fixed
Message-ID: <Pine.NEB.4.21.0009122207540.6856-100000@gaia.fachschaften.tu-muenchen.de>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Delivered-To: 68418-done@bugs.debian.org
These bugs are already fixed.
cu,
Adrian
--
A "No" uttered from deepest conviction is better and greater than a
"Yes" merely uttered to please, or what is worse, to avoid trouble.
-- Mahatma Ghandi
Reply to: