25C3-CTF


Advisory #110

From team WiiPhonies

New advisory by: John_K
Affected service(s): ULTRASHARE
Severity [lmh]: high

===== Problem =====
UltraShare templates are writable by the www-data user. Ruby code can be appended to the templates to read private data and execute arbitrary code as www-data.
===== Impact =====
Remote code execution.
Arbitrary Ruby code can be run as the www-data user.
===== Fix =====
# hand the templates to root so the service account can no longer modify them
chown -R root /var/ultrashare/templates
# files become read-only for everyone but root; directories keep their execute bit
# (a plain "chmod -R 644" would strip it and the service could no longer traverse the tree)
find /var/ultrashare/templates -type d -exec chmod 755 {} +
find /var/ultrashare/templates -type f -exec chmod 644 {} +
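As an added example (not part of the advisory), the shell functions below implement the check and the hardening the advisory describes for any template directory: one lists entries that are group- or world-writable, one lists entries owned by the service account (the account name and the directory are parameters; the account may not exist on the auditing host, so it is resolved to a uid first), and one applies the intended modes without removing the execute bit from directories.

```shell
#!/bin/sh
# Added example, not code from the advisory or from UltraShare.
# Assumes POSIX find(1) and id(1); paths and account names are arguments.

# List entries under $1 whose group- or world-write bit is set, one per line.
# Octal masks keep this portable: -020 = group write, -002 = other write.
find_writable_entries() {
    find "$1" \( -perm -020 -o -perm -002 \) -print
}

# Number of such entries; 0 means nothing under $1 is writable by the
# group or by everyone, which is the state the advisory wants.
count_writable_entries() {
    find_writable_entries "$1" | wc -l | tr -d ' '
}

# List entries under $1 owned by the account named in $2. The name is
# resolved to a uid so a host without that account prints nothing instead
# of making find fail on an unknown user name.
find_owned_by_user() {
    uid=$(id -u "$2" 2>/dev/null) || return 0
    find "$1" -uid "$uid" -print
}

# Apply the advisory's intent: files 0644, directories 0755. Directories
# keep their execute bit so the service can still traverse and read them
# (chown to root is left to the operator because it needs privileges).
harden_template_modes() {
    find "$1" -type d -exec chmod 755 {} +
    find "$1" -type f -exec chmod 644 {} +
}

# Usage (path and account are examples):
#   count_writable_entries /var/ultrashare/templates
#   find_owned_by_user /var/ultrashare/templates www-data
#   harden_template_modes /var/ultrashare/templates
```

Run the count before and after hardening; a non-zero count after the change, or any path listed by the ownership check once the tree has been handed to root, means the fix did not take.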


Rating

[2] Yapp.


