KW Whois Remote Command Execution Vulnerability
BID:1883
Info
| Bugtraq ID: | 1883 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | Yes |
| Published: | Oct 29 2000 12:00AM |
| Updated: | Oct 29 2000 12:00AM |
| Credit: | First reported to bugtraq by Mark Stratman <[email protected]> on Sun, 29 Oct 2000 |
| Vulnerable: | Kootenay Web Inc whois 1.0 |
| Not Vulnerable: | |
Discussion
whois is a utility used to find general information and technical details about registered domain names. A vulnerability exists in Kootenay Web Inc's Whois (release v.1.9), a web interface to whois running on a Linux server.
Because the script fails to check user-supplied input from a form variable for shell metacharacters, a malicious remote user can trick it into executing arbitrary commands on the host system. At that point an attacker can gain local shell access with the privileges of the web server. Further compromise (e.g. root) may follow.
Solution / Fix
Solution:
Excerpted from bugtraq post by Mark Stratman <[email protected]>:
"Parse out unsafe characters in $query->param with standard cgi checking
(see http://www.n3t.net/programming/)"
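As an added example (not the Kootenay Web script and not Mark Stratman's code), the fix quoted above applied to a CGI.pm whois front end: the form value is allowlisted as a domain name instead of having metacharacters stripped, and whois is executed without a shell. The parameter name `domain` and the path `/usr/bin/whois` are assumptions.

```perl
#!/usr/bin/perl -T
# Hardened whois CGI front end (added example, not the vulnerable script).
# -T enables taint mode: Perl refuses to pass unchecked form input to exec/open.
use strict;
use warnings;
use CGI qw(:standard);   # the advisory's fix refers to $query->param, i.e. CGI.pm

# Taint mode requires a trusted PATH and no shell-influencing variables before exec.
$ENV{PATH} = '/usr/bin:/bin';
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};

# Allowlist a DNS name: labels of letters, digits and hyphens joined by dots.
# Anything else (';', '|', '`', '$(', newlines, a leading '-') is rejected outright.
# Returning the captured group also untaints the value for taint mode.
sub safe_domain {
    my ($raw) = @_;
    my $label = qr/[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?/;
    return $raw =~ /\A($label(?:\.$label)+)\z/ ? $1 : undef;
}

my $query  = CGI->new;
my $domain = safe_domain($query->param('domain') // '');   # 'domain' is an assumed field name

unless (defined $domain) {
    print header(-status => '400 Bad Request', -type => 'text/plain'), "Invalid domain\n";
    exit;
}

# Never hand the value to a shell: the list form of open() execs whois directly,
# so metacharacters cannot be interpreted even if the check above were weaker.
open(my $wh, '-|', '/usr/bin/whois', $domain) or die "cannot run whois: $!";
print header('text/plain');
print while <$wh>;
close $wh;
```

The two layers are independent: the allowlist rejects malformed queries early, and the shell-free exec means a future loosening of the pattern cannot reintroduce command injection.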