Published:2011/05/26 Last Updated:2011/05/26

Information from Walrus, Digit

Vulnerability ID:JVN#46984044
Title:WalRack upload file handilng vulnerability
Status:vulnerable

This is a statement from the vendor itself with no modification by JPCERT/CC.

WalRack is sample code for the perl modules "CGI::Lite" and "jcode.pl".
Since CGI modules and Encode modules are readily available, learning how to use these modules is not important. Therefore, it is recommended tostop using WalRack

For users that wish to continue using WalRack, please upgrade to WalRack 1.1.9 or WalRack 2.0.7 and later which contain fixes for this vulnerability. The updates can be found at the below URLs

WalRack
http://digit.que.ne.jp/work/index.cgi?WalRack#i8
(Japanese Only)

WalRack2
http://digit.que.ne.jp/work/index.cgi?WalRack2#i7
(Japanese Only)

JVN
HOME
What is JVN ?
Instructions
List of Vulnerability Report
VN_JP
VN_JP(Unreachable)
VN_VU
TA
TRnotes
JVN iPedia
MyJVN
JVNJS/RSS
Vendor List
List of unreachable developers
Contact