[Melbourne-pm] Security hole??

Raphael Alla raphael.alla at gmail.com
Sun Jan 29 02:33:01 PST 2006

If this script is called security.cgi, and you invoke it like this:
hostname/security.cgi?sub_name, then it will call the sub sub_name (it is a
call of sub by reference).

Potentially a user can call any sub from any module which it has available
to it. It is seen as a bad habit to give the right to anyone on the internet
to execute any sub on your system, yet I fail to find a practical threat
coming from this specific construct.


On 1/29/06, David Dick <david_dick at iprimus.com.au> wrote:
> Raphael Alla wrote:
> > *Let's condider the following perl cgi script. I cannot find a practical
> > way to use it as a security hole. Any suggestion?
> >
> > *#!/usr/bin/perl
> > my $sub = $ENV{QUERY_STRING};
> > &{$sub};
> maybe i'm just a little tired after the weekend, but this script would
> appear to not do anything apart from cause an error. What are you trying
> to achieve?

Raphael Alla
Mitija Australia
+61 4 15 678 576

Premium open source accounting for Australia
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pm.org/pipermail/melbourne-pm/attachments/20060129/9de06c57/attachment.html

More information about the Melbourne-pm mailing list