Mageia Bugzilla – Attachment 6459 Details for
Bug 15503
tcl-tcllib new XSS security issue
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
Log In
[x]
|
New Account
|
Forgot Password
test log for 64 bit test
Text File (text/plain), 2.91 KB, created by
Vladimir Zawalinski
on 2015-05-07 09:35:25 CEST
(
hide
)
Description:
test log for 64 bit test
Filename:
MIME Type:
Creator:
Vladimir Zawalinski
Created:
2015-05-07 09:35:25 CEST
Size:
2.91 KB
patch
obsolete
>% wish -f testtcl.cgi >Error in startup script: can't find package ncgi > while executing >"package require ncgi" > (file "testtcl.cgi" line 2) >child process exited abnormally >% urpmi tcl-tcllib > > > $MIRRORLIST: media/core/release/tcl-tcllib-1.13-3.mga4.noarch.rpm >installing tcl-tcllib-1.13-3.mga4.noarch.rpm from /var/cache/urpmi/rpms >Preparing... ############################################# > 1/1: tcl-tcllib ############################################# >% wish -f testtcl.cgi >Content-Type: text/html > ><textarea name="ta"></textarea> > >textarea >ta >Error in startup script: invalid command name "command" > while executing >"command exit" > (file "testtcl.cgi" line 10) >child process exited abnormally >% ^C >[root@localhost Documents]# ls >hello.cgi html.tcl n2t.sh t2n.sh testtcl.cgi Text File >[root@localhost Documents]# cd n2t.sh >bash: cd: n2t.sh: Not a directory >[root@localhost Documents]# >[root@localhost Documents]# >[root@localhost Documents]# >[root@localhost Documents]# >[root@localhost Documents]# sh n2t.sh >DISABLE Updates from > Core Release > Nonfree Release > Tainted Release > Core 32bit Release >ENABLE Updates from > Core Updates Testing > Nonfree Updates Testing > Tainted Updates Testing > Core 32bit Updates Testing >Subroutine Gtk3::main redefined at /usr/lib/perl5/vendor_perl/5.18.1/Gtk3.pm line 296. >getting exclusive lock on urpmi >wrote config file [/etc/urpmi/urpmi.cfg] >unlocking urpmi database >Enabling Core Updates Testing >Enabling Nonfree Updates Testing >Enabling Tainted Updates Testing >Enabling Core 32bit Updates Testing >You are now in TESTING mode. >Install the update to test, then DISABLE the Testing and re-ENABLE the normal update repositories (test2normal). >[root@localhost Documents]# urpmi tcl >Package tcl-8.5.14-2.mga4.x86_64 is already installed >[root@localhost Documents]# urpmi tcl-tcllib > > > $MIRRORLIST: media/core/updates_testing/tcl-tcllib-1.16-1.mga4.noarch.rpm >installing tcl-tcllib-1.16-1.mga4.noarch.rpm from /var/cache/urpmi/rpms >Preparing... ############################################# > 1/1: tcl-tcllib ############################################# > 1/1: removing tcl-tcllib-1.13-3.mga4.noarch > ############################################# >[root@localhost Documents]# tclsh >% wish -f testtcl.cgi >Content-Type: text/html > ><textarea name="ta"></textarea> > >textarea >ta >Error in startup script: invalid command name "command" > while executing >"command exit" > (file "testtcl.cgi" line 10) >child process exited abnormally >% cat testctl.cgi >/usr/bin/cat: testctl.cgi: No such file or directory >child process exited abnormally >% ^C >[root@localhost Documents]# cat testtcl.cgi >#!/usr/bin/env tclsh > package require ncgi > package require html > > ::ncgi::parse > ::ncgi::header > puts [::html::textarea ta] > puts textarea > puts ta > command exit > >[root@localhost Documents]#
% wish -f testtcl.cgi Error in startup script: can't find package ncgi while executing "package require ncgi" (file "testtcl.cgi" line 2) child process exited abnormally % urpmi tcl-tcllib $MIRRORLIST: media/core/release/tcl-tcllib-1.13-3.mga4.noarch.rpm installing tcl-tcllib-1.13-3.mga4.noarch.rpm from /var/cache/urpmi/rpms Preparing... ############################################# 1/1: tcl-tcllib ############################################# % wish -f testtcl.cgi Content-Type: text/html <textarea name="ta"></textarea> textarea ta Error in startup script: invalid command name "command" while executing "command exit" (file "testtcl.cgi" line 10) child process exited abnormally % ^C [root@localhost Documents]# ls hello.cgi html.tcl n2t.sh t2n.sh testtcl.cgi Text File [root@localhost Documents]# cd n2t.sh bash: cd: n2t.sh: Not a directory [root@localhost Documents]# [root@localhost Documents]# [root@localhost Documents]# [root@localhost Documents]# [root@localhost Documents]# sh n2t.sh DISABLE Updates from Core Release Nonfree Release Tainted Release Core 32bit Release ENABLE Updates from Core Updates Testing Nonfree Updates Testing Tainted Updates Testing Core 32bit Updates Testing Subroutine Gtk3::main redefined at /usr/lib/perl5/vendor_perl/5.18.1/Gtk3.pm line 296. getting exclusive lock on urpmi wrote config file [/etc/urpmi/urpmi.cfg] unlocking urpmi database Enabling Core Updates Testing Enabling Nonfree Updates Testing Enabling Tainted Updates Testing Enabling Core 32bit Updates Testing You are now in TESTING mode. Install the update to test, then DISABLE the Testing and re-ENABLE the normal update repositories (test2normal). [root@localhost Documents]# urpmi tcl Package tcl-8.5.14-2.mga4.x86_64 is already installed [root@localhost Documents]# urpmi tcl-tcllib $MIRRORLIST: media/core/updates_testing/tcl-tcllib-1.16-1.mga4.noarch.rpm installing tcl-tcllib-1.16-1.mga4.noarch.rpm from /var/cache/urpmi/rpms Preparing... ############################################# 1/1: tcl-tcllib ############################################# 1/1: removing tcl-tcllib-1.13-3.mga4.noarch ############################################# [root@localhost Documents]# tclsh % wish -f testtcl.cgi Content-Type: text/html <textarea name="ta"></textarea> textarea ta Error in startup script: invalid command name "command" while executing "command exit" (file "testtcl.cgi" line 10) child process exited abnormally % cat testctl.cgi /usr/bin/cat: testctl.cgi: No such file or directory child process exited abnormally % ^C [root@localhost Documents]# cat testtcl.cgi #!/usr/bin/env tclsh package require ncgi package require html ::ncgi::parse ::ncgi::header puts [::html::textarea ta] puts textarea puts ta command exit [root@localhost Documents]#
View Attachment As Raw
Actions:
View
Attachments on
bug 15503
: 6459