Gnatsweb Remote Command Execution...

Published: 2001-06-27
Revised: 2025-04-13

Gnatsweb is a web-based interface to the GNU bug management system 'Gnats'. Recent versions of Gnatsweb implement a new help system, which contains a vulnerability that can allow remote attackers to view arbitrary files on web servers running Gnatsweb. The value of the 'help_file' HTML variable is passed directly to the Perl open() function when a help file is opened. Remote attackers can therefore submit requests that cause command execution or disclosure of arbitrary files readable by the web server on the host running Gnatsweb. This vulnerability could allow an attacker to gain 'local' access to the host. It is significantly easier to compromise the entire system if local access is obtained.
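The unsafe pattern described above, next to a hardened way to open a help file, as an added example that is not Gnatsweb's own code. The names `read_help_file`, `$help_dir` and the sample file names are hypothetical, and the sample inputs are constructed.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use File::Temp qw(tempdir);
use File::Spec;

# Pattern described in the advisory (shown for contrast, never called here):
#   open(HELP, $help_file);   # two-argument open: Perl reads mode characters
#                             # such as '<', '>' and '|' out of the string
#
# Hardened form (hypothetical helper): accept only a plain file name, resolve
# it inside a fixed directory, and use three-argument open so the mode is
# never taken from request data.
sub read_help_file {
    my ($help_dir, $help_file) = @_;

    # Allow-list the name: letters, digits, '_', '-', one optional extension.
    # Rejects path separators, "..", whitespace and shell metacharacters.
    return undef unless defined($help_file)
        && $help_file =~ /\A[A-Za-z0-9_-]{1,64}(?:\.[A-Za-z0-9]{1,8})?\z/;

    my $path = File::Spec->catfile($help_dir, $help_file);
    return undef unless -f $path && !-l $path;   # regular file, not a symlink

    # Three-argument open: '<' is fixed, $path is used only as a file name.
    open(my $fh, '<', $path) or return undef;
    local $/;                                     # slurp the whole file
    my $text = <$fh>;
    close($fh);
    return $text;
}

# Constructed sample data: a temporary help directory holding one help page.
my $help_dir = tempdir(CLEANUP => 1);
my $sample   = File::Spec->catfile($help_dir, 'query_help.html');
open(my $out, '>', $sample) or die "cannot create sample: $!";
print {$out} "<h1>Query help</h1>\n";
close($out);

# Constructed inputs: one valid name, then names the allow-list must refuse.
for my $name ('query_help.html', '../query_help.html', '/etc/hostname',
              'query_help.html|', '') {
    my $text = read_help_file($help_dir, $name);
    printf "%-22s => %s\n", "'$name'", defined $text ? 'served' : 'rejected';
}
```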

No exploit or PoC currently available.
There are currently 0 affected product entries.