Caldera OpenLinux 2.3 rpm_query CGI Vulnerability
BID:1036
Info
Caldera OpenLinux 2.3 rpm_query CGI Vulnerability
| Bugtraq ID: | 1036 |
| Class: | Access Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 05 2000 12:00AM |
| Updated: | Mar 05 2000 12:00AM |
| Credit: | This vulnerability was posted to the Bugtraq mailing list by harikiri <[email protected]> on March 4, 2000. |
| Vulnerable: |
Caldera OpenLinux 2.3 |
| Not Vulnerable: | |
Discussion
Caldera OpenLinux 2.3 rpm_query CGI Vulnerability
A vulnerability exists in the default installation of Caldera OpenLinux 2.3. A CGI is installed in /home/httpd/cgi-bin/ names rpm_query. Any user can run this CGI and obtain a listing of the packages, and versions of packages, installed on this system. This could be used to determine vulnerabilities on the machine remotely.
A vulnerability exists in the default installation of Caldera OpenLinux 2.3. A CGI is installed in /home/httpd/cgi-bin/ names rpm_query. Any user can run this CGI and obtain a listing of the packages, and versions of packages, installed on this system. This could be used to determine vulnerabilities on the machine remotely.
Exploit / POC
Caldera OpenLinux 2.3 rpm_query CGI Vulnerability
Run the rpm_query CGI via a GET. It is located in /cgi-bin/rmp_query, relative to the root of the web server.
Run the rpm_query CGI via a GET. It is located in /cgi-bin/rmp_query, relative to the root of the web server.
Solution / Fix
Caldera OpenLinux 2.3 rpm_query CGI Vulnerability
Solution:
Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
The simplest solution is to remove or disable this program.
# chmod 0 /home/httpd/cgi-bin/rpm_query
Solution:
Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
The simplest solution is to remove or disable this program.
# chmod 0 /home/httpd/cgi-bin/rpm_query
References
Caldera OpenLinux 2.3 rpm_query CGI Vulnerability
References:
References:
- Caldera Security Advisories Page (Caldera Systems)