1410Re: Preventing package name traversal attacks
- Apr 10, 2002I have access to two versions of SOAP::Lite, one is 0.46 and one is
0.52. I have found 0.52 to be vulnerable to the phrack exploit, yet
0.46 seems to perform some type of validation and hence is not
affected by the exact problem. This is quite a good thing, as last
time I checked ActiveState was still shipping 0.46 with their
distribution and making no later version available via PPM.
When I try the exploit on a SOAP::Lite 0.46 server, I recieve the
following fault message in reply ( dumped via Data::Dumper's
'faultcode' => 'SOAP-ENV:Client',
'detail' => 'SOAPAction shall match \'uri#method\' if present',
'faultstring' => 'Bad SOAPAction',
'faultactor' => 'http://hostname:port/'
If anyone has further information on this, or has seen a working
exploit on this version, please let me know.
- << Previous post in topic