[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Fwd: [Gnump3d-users] Security Hole found in gnump3d

From: Joshua Zimler
Subject: Fwd: [Gnump3d-users] Security Hole found in gnump3d
Date: Fri, 2 Nov 2007 08:53:09 -0400

Forgot to include this to the mailing list.

---------- Forwarded message ----------
From: Joshua Zimler <address@hidden >
Date: Nov 1, 2007 10:46 PM
Subject: Re: [Gnump3d-users] Security Hole found in gnump3d
To: Ryan Hanna <address@hidden>

Here's my file:

address@hidden:~$ cat /usr/share/gnump3d/Tabular/error.html
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
<html xmlns=" " xml:lang="en" lang="en">
<title>GNUMP3d :: $TITLE </title>
<meta name="description" content="CSS techniques to demonstrate pure CSS tabbed navigation menu" />
<meta name="keywords" content="" />

<style type="text/css">
body {margin: 0;
padding: 0;
background: #CACCB4;
font: 1em/1.7em arial, sans-serif; }

pre {text-indent: 30px;}

#banner {position: absolute;
top: 0;
left: 0;
width: 99%;
padding: 0;
margin: 0 1px;
border: 4px solid black;
color: black;
background: #ABAD85;
z-index: 5;}
body>#banner {position: fixed;}

#banner h1 {margin: 0;
padding: 5px;}

#tabmenu {color: #000;
position: absolute;
top: 52px;
padding: 0px;
z-index: 10;
margin-left: 15px;}
body>#tabmenu {position: fixed; top: 34px;}
head:first-child+body #tabmenu {top: 36px;} /*only mozilla*/

#tabmenu li {display: inline;
overflow: hidden;
list-style-type: none;}

#tabmenu a, {color: #DEDECF;
background: #898B5E;
font-size: 0.8em;
font-weight: bold;
border: 3px solid black;
padding: 2px;
margin: 2px;
text-decoration: none;}

#tabmenu {background: #ABAD85;
border-top: 3px solid #ABAD85; z-index: 30;}

#tabmenu a:hover {color: #fff;
background: #ADC09F;}

#tabmenu a:visited {color: #E8E9BE;}

#tabmenu {background: #ABAD85;
color: #D3DBCB;}

#content {background: #CACCB4;
font: 0.8em "Trebuchet MS", arial, sans-serif;
height: auto;
text-align: justify;
padding: 100px 70px 0px 70px;
z-index: 0;}

#content a {text-decoration: none;
color: #86862D;}

#content a:hover {background: #ADC09F;}



<div id="banner">
<h1>GNUMP3d v$RELEASE</h1>

<div id="content">

<table border="0" cellpadding="0" cellspacing="5" width="100%" bgcolor="#000000">
<table border="0" cellpadding="0" cellspacing="0" width="100%" bgcolor="#eaecef">
<tr bgcolor="#d1d5d7"><td colspan="7" align="center"><h3>Error</h3></td></tr>


On 11/1/07, Ryan Hanna <address@hidden> wrote:

Cool thanks.  I am running it on ubuntu server with no gui, and using the templates for the pages.  Do you know which part I have to remove from the error.html template to remove just the links?


From: Joshua Zimler [mailto:address@hidden]
Sent: Thursday, November 01, 2007 10:24 PM
To: Ryan Hanna
Subject: Re: [Gnump3d-users] Security Hole found in gnump3d


Actually, you don't even need to try three times, you just need to click "cancel" when you're prompted for a password.

I fixed it by simply removing the links on the html file on my computer. 

On 11/1/07, Ryan Hanna <address@hidden> wrote:

I found a security hole in the gnump3d service for ubuntu.  If you try and log in three times it takes you to a page that says you access has been restricted due to too many login attempts.  It still however shows the tool bar to the left side with all of the links.  The home link is inactive, however, all other tabs are still accessible.  You can actually go to the playlists tab, create your own and download music from the music archive.


Has anyone else experienced the same issue?  Anyone know a quick fix?



Gnump3d-users mailing list


reply via email to

[Prev in Thread] Current Thread [Next in Thread]