Article ID: 115857, created on Mar 28, 2013, last review on May 10, 2014
Applies to:
- Confixx Professional 3
There is a 'write anywhere' vulnerability introduced by Confixx's use of the Apache CustomLog directive. When writing to a log, Confixx uses the HTTP 'Host' header field to construct the access log file name. The 'Host' value is set on the client side and can be modified to point to an arbitrary file on the local file system.
Replace the file /root/confixx/pipelog.pl with the attached one.
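The check a piped-log program needs before it uses the Host value as a file name is shown in the following added example; it is not the vendor's patched pipelog.pl and is written in Python rather than Perl. Assumptions: each log line starts with the Host value, and `LOG_DIR`, `FALLBACK` and the function names are hypothetical.

```python
import os
import re

LOG_DIR = "/var/log/vhosts"    # hypothetical log directory
FALLBACK = "invalid-host.log"  # hypothetical catch-all for rejected values
# One DNS label: letters, digits, hyphens; no leading or trailing hyphen.
LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)\Z")

def safe_log_name(host):
    """Turn a client-supplied Host value into a file name, or FALLBACK."""
    name, sep, port = host.strip().lower().partition(":")
    if sep and not port.isdigit():      # only an optional ":port" may follow
        return FALLBACK
    name = name.rstrip(".")
    if not name or len(name) > 253:
        return FALLBACK
    # Each label must fit the DNS grammar, so '/', '\', NUL bytes and empty
    # labels (as in "..") never reach the file name.
    if not all(LABEL.match(label) for label in name.split(".")):
        return FALLBACK
    return name + ".log"

def log_path(host, log_dir=LOG_DIR):
    """Build the destination path and confirm it stays inside log_dir."""
    base = os.path.realpath(log_dir)
    path = os.path.realpath(os.path.join(base, safe_log_name(host)))
    if os.path.commonpath([base, path]) != base:  # e.g. a planted symlink
        return os.path.join(base, FALLBACK)
    return path

def route(lines, log_dir=LOG_DIR):
    """Group log lines by destination file without writing to disk."""
    routed = {}
    for line in lines:
        host, _, rest = line.partition(" ")
        routed.setdefault(log_path(host, log_dir), []).append(rest)
    return routed

# Constructed sample input: Host value first, then the rest of the entry.
SAMPLE = [
    'www.example.com:80 192.0.2.10 "GET / HTTP/1.1" 200',
    '../../tmp/x 192.0.2.66 "GET / HTTP/1.1" 400',
    'WWW.Example.Com. 192.0.2.11 "GET /a HTTP/1.1" 200',
]

if __name__ == "__main__":
    for path, entries in route(SAMPLE).items():
        print(path, len(entries))
```

Entries that land in the fallback file are worth reviewing, since a Host value that fails hostname validation did not come from a normal browser request.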