Confixx Perl Debugger Remote Command Execution Vulnerability
BID:9831
Info
| Bugtraq ID: | 9831 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 09 2004 12:00AM |
| Updated: | Mar 09 2004 12:00AM |
| Credit: | Discovery of this vulnerability has been credited to wkr. |
| Vulnerable: | SWSoft Confixx Pro 2 |
| Not Vulnerable: | |
Discussion
The Confixx Perl debugging utility has been reported to be prone to a remote command execution vulnerability. The issue reportedly occurs when a command sequence, prefixed with a ';' (semicolon) character, is appended to an HTTP request for a Perl script resource. When the request is processed, the command sequence is reportedly executed with the privileges of the process that invokes the Confixx Perl debugging utility.
Exploit / POC
There is no exploit required; the following example has been supplied:
; /bin/cat location_of_Confixx_config_file
http://www.example.com/user/tools_cgicheck2.php?dir=3D&file=3D%20./x%20|/bin/cat%20/etc/passwd
Solution / Fix
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
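With no vendor patch listed, one interim measure is to search web server access logs for requests to the debugging script whose parameters carry shell metacharacters. The following is an added example, not part of the original advisory or of Confixx; it assumes combined-format access logs, and the metacharacter set beyond ';' and '|' and the sample log lines are constructed.

```python
import re
from urllib.parse import unquote_plus, urlsplit

TARGET_SCRIPT = "tools_cgicheck2.php"  # script named in the advisory's example
# ';' and '|' appear on this page; the other metacharacters are an added assumption.
SHELL_META = re.compile(r"[;|&`$<>\n\r]")
# Assumed log format: Apache/NGINX "combined" style request field.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')


def suspicious_params(target):
    """Return [(name, decoded_value)] for parameters of a request to
    TARGET_SCRIPT whose percent-decoded value holds a shell metacharacter."""
    parts = urlsplit(target)
    if not parts.path.endswith("/" + TARGET_SCRIPT):
        return []
    hits = []
    # Split on '&' only, so a raw ';' stays inside the value being checked.
    for pair in parts.query.split("&"):
        name, _, raw = pair.partition("=")
        value = unquote_plus(raw)
        if SHELL_META.search(value):
            hits.append((unquote_plus(name), value))
    return hits


def scan(log_lines):
    """Yield (line_number, hits) for every log line with a flagged parameter."""
    for number, line in enumerate(log_lines, 1):
        match = REQUEST_RE.search(line)
        hits = suspicious_params(match.group(1)) if match else []
        if hits:
            yield number, hits


# Constructed sample log (addresses and timestamps are made up). Line 2 uses
# the request shown on this page; line 3 is the ';' form the advisory describes.
SAMPLE_LOG = [
    '192.0.2.10 - - [09/Mar/2004:10:00:00 +0000] "GET /user/tools_cgicheck2.php'
    '?dir=cgi-bin&file=test.pl HTTP/1.1" 200 512',
    '192.0.2.11 - - [09/Mar/2004:10:00:05 +0000] "GET /user/tools_cgicheck2.php'
    '?dir=3D&file=3D%20./x%20|/bin/cat%20/etc/passwd HTTP/1.1" 200 2048',
    '192.0.2.12 - - [09/Mar/2004:10:00:09 +0000] "GET /user/tools_cgicheck2.php'
    '?dir=cgi-bin&file=x.pl%3B%20/bin/cat%20location_of_Confixx_config_file HTTP/1.1" 200 640',
    '192.0.2.13 - - [09/Mar/2004:10:00:12 +0000] "GET /index.php?q=a%3Bb HTTP/1.1" 200 128',
]

if __name__ == "__main__":
    for number, hits in scan(SAMPLE_LOG):
        print(number, hits)
```

Parameters sent in a POST body are not recorded in access logs, so this check only covers values passed in the query string.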