Vendor: Dispair
By: SecurityFocus
CVSS: 7.5 (HIGH)
Type: Command Injection
CWE: 78
Product Name: Dispair
Affected Version From: Dispair 1.0
Affected Version To: Dispair 1.0
Patch Exists: YES
Related CWE: CVE-2002-0392
CPE: o:dispair:dispair:1.0
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Linux, Windows
2002

Dispair Command Injection

Dispair fails to sufficiently validate user-supplied input before it is passed to the shell via the Perl open() function. This allows an attacker to inject arbitrary commands into the vulnerable application, which are then executed on the underlying system with the privileges of the webserver process. An example of this is demonstrated in the URL provided, which executes the 'id' command on the underlying system.

Mitigation:

Input validation should be performed on all user-supplied data before it is passed to the shell.
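
The mitigation in Perl terms, as an added example that is not Dispair's actual source: the unsafe two-argument pipe open is shown only as a comment, next to an allowlist check and a list-form open that never starts a shell. The names `validate_name` and `run_viewer`, the naming policy, and the stand-in child program are assumptions made for illustration.

```perl
#!/usr/bin/perl
# Added example: hypothetical CGI helper, not Dispair's actual source.
use strict;
use warnings;

# Vulnerable pattern, shown for contrast only and never executed here:
#   open(my $fh, "$viewer $file $view |");
# Two-argument open with a trailing pipe gives the whole string to /bin/sh,
# so a newline (%0A) in $view ends the intended command and starts another.

# Assumed policy: a parameter is a short name made of word characters only.
# This also means a value can never begin with "-" and be read as an option.
sub validate_name {
    my ($value) = @_;
    return unless defined $value;
    # \A and \z anchor to the true start and end of the string; "$" would
    # also match just before a trailing newline and let "name\n" through.
    return $1 if $value =~ /\A([A-Za-z0-9_]{1,32})\z/;
    return;
}

sub run_viewer {
    my ($file, $view) = @_;
    my $safe_file = validate_name($file);
    my $safe_view = validate_name($view);
    return 'rejected' unless defined($safe_file) && defined($safe_view);

    # List-form pipe open: each element reaches the child as one argv entry
    # through exec, with no shell in between. The child is perl itself,
    # standing in for the real viewer program and echoing its arguments.
    open(my $fh, '-|', $^X, '-e', 'print join(",", @ARGV)', $safe_file, $safe_view)
        or return "exec failed: $!";
    my $out = do { local $/; <$fh> };
    close($fh);
    return $out;
}

# Constructed inputs; the second is the page's view value after URL decoding.
for my $view ('summary', "\n/usr/bin/id", "summary\n") {
    (my $shown = $view) =~ s/\n/\\n/g;
    printf "%-16s => %s\n", "'$shown'", run_viewer('fiddle', $view);
}
```

Validation and the list-form open are independent layers: the allowlist rejects the newline before anything runs, and the list form keeps shell metacharacters inert even if the allowlist is later loosened.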
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/5392/info

Dispair fails to sufficiently validate user-supplied input before it is passed to the shell via the Perl open() function. Remote attackers may potentially exploit this issue to execute arbitrary commands on the underlying shell with the privileges of the webserver process.

http://target/cgi-bin/dispair.cgi?file=fiddle&view=%0A/usr/bin/id