I don't think that is a vulnerability. The file /etc/master.passwd has read access for all users. Monitor can also read it in a ssh session. I you try that URL in a file with, let's say, 660 permissions you get a blank page. Regards Jorge -----Mensaje original----- De: Jonas Eriksson [mailto:je@sekure.net] Enviado el: Miercoles, 23 de Abril de 2003 15:27 Para: bugtraq@securityfocus.com Asunto: Nokia IPSO Vulnerability There is a remote security vulnerability in the Nokia IPSO operating system. Anyone with access to the webgui (Voyager) on the Nokia IP-box can read any file on the system. For example, login as the user 'monitor' (disabled by default) and use the readfile.tcl to read any file: http://x.x.x.x/cgi-bin/readfile.tcl?file=/etc/master.passwd Tested on IPSO 3.6-FCS6 Regards, Jonas Eriksson http://sekure.net
