Version 2.16b is vulnerable to this attack as well.
My fix for this was to simply insert as line 45:
if($inhelpon =~ /\.\./) { &hackdetected; }
then at the bottom append:
sub hackdetected {
    print "Content-type: text/plain\n\n";
    print "sorry, this hole was patched :)\n";
    print "you have been logged.\n";
    exit;
}
Of course you could change this to whatever..
All of the valid helpfiles should be in the same directory as help.cgi,
so this *should* work..
-darren
----------------------------------
E-Mail: [EMAIL PROTECTED]
http://n3t.net
"Finem Respice"
----------------------------------
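
An added example, not part of the original post or of help.cgi: an allow-list form of the same check, which accepts only a bare file name and confirms the resolved path is still in the help directory. The helper name `safe_help_path`, the temporary directory and the sample requests are assumptions constructed for illustration.

```perl
use strict;
use warnings;
use Cwd qw(abs_path);
use File::Basename qw(dirname);
use File::Spec;
use File::Temp qw(tempdir);

# Hypothetical helper: return the absolute path of a requested help file,
# or nothing if the request is not a plain file name directly inside $dir.
sub safe_help_path {
    my ($name, $dir) = @_;
    return unless defined $name;
    # Allow-list: letters, digits, '_' and '-', with single dots between
    # runs. Path separators, NUL bytes, leading dots and '..' never match.
    return unless $name =~ /\A[A-Za-z0-9_-]+(?:\.[A-Za-z0-9_-]+)*\z/;
    # abs_path resolves symlinks, so a link pointing elsewhere is caught
    # by the directory comparison below.
    my $real = abs_path(File::Spec->catfile($dir, $name));
    return unless defined $real && -f $real;
    return unless dirname($real) eq $dir;
    return $real;
}

# Constructed stand-in for the directory that holds help.cgi and its files.
my $help_dir = abs_path(tempdir(CLEANUP => 1));
open(my $fh, '>', File::Spec->catfile($help_dir, 'index.txt'))
    or die "cannot create sample file: $!";
print {$fh} "sample help text\n";
close $fh;

# Constructed sample requests.
for my $req ('index.txt', 'missing.txt', '../index.txt', 'sub/index.txt', '.hidden') {
    my $path = safe_help_path($req, $help_dir);
    printf "%-14s %s\n", $req, defined $path ? 'serve' : 'reject';
}
```

Only `index.txt` is served; the other four requests are rejected, either by the name pattern or because no such file exists in the directory.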