Vendor: whois.cgi
By: Marco van Berkum
CVSS: 7.5 (HIGH)
Type: Remote Code Execution
CWE: 78
Product Name: whois.cgi
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
2001
Fastgraf’s whois.cgi Exploit
This script exploits a vulnerability in Fastgraf's whois.cgi script, allowing an attacker to execute arbitrary commands on the target server. By sending a specially crafted POST request, the attacker can inject a command in the 'host' parameter and execute it on the server. The script then captures the output of the command and displays it. This vulnerability was discovered by Marco van Berkum and the script can be found on his homepage at http://ws.obit.nl.
Mitigation:
The recommended mitigation for this vulnerability is to update Fastgraf's whois.cgi script to a patched version that addresses the vulnerability. It is also important to ensure that the script runs with the least privileges necessary and that input validation is implemented to prevent command injection attacks.
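The following is an added illustration of the input-validation mitigation described above; it is not Fastgraf's whois.cgi, whose source this page does not show. It assumes a URL-encoded POST body carrying a `host` field and a local `whois` binary; the `host` allow-list and the function names are this example's own.

```python
import re
import subprocess
from urllib.parse import parse_qs

# Strict allow-list for the whois "host" parameter: dotted labels of letters,
# digits and hyphens (which also covers an IPv4 address).  Whitespace and shell
# metacharacters such as ';', '|', '`' and '$' can never match, so they are
# rejected before anything reaches a command line.
_LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
_HOST_RE = re.compile(rf"(?:{_LABEL}\.)*{_LABEL}")
_MAX_HOST_LEN = 253  # RFC 1035 limit on a full domain name


class InvalidHost(ValueError):
    """Raised when the submitted host parameter fails validation."""


def is_valid_host(host: str) -> bool:
    """True if host is a plausible hostname or IPv4 literal, else False."""
    return bool(host) and len(host) <= _MAX_HOST_LEN and _HOST_RE.fullmatch(host) is not None


def validate_host(host: str) -> str:
    """Return host unchanged if it passes the allow-list, otherwise raise."""
    if not is_valid_host(host):
        raise InvalidHost(f"rejected host parameter: {host!r}")
    return host


def host_from_post_body(body: str) -> str:
    """Extract and validate exactly one 'host' field from a URL-encoded POST body."""
    values = parse_qs(body, keep_blank_values=True).get("host", [])
    if len(values) != 1:
        raise InvalidHost("exactly one 'host' field is required")
    return validate_host(values[0])


def whois_argv(host: str) -> list[str]:
    """Build the lookup as an argv list, never as a shell string.

    The vulnerable pattern is the shell-string form, e.g. `"whois " + host`,
    where the shell re-parses the parameter.  With an argv list and
    shell=False the parameter is only ever argv[1] of the whois binary.
    """
    return ["whois", validate_host(host)]


def run_whois(host: str, timeout: float = 15.0) -> str:
    """Run the lookup without a shell and return its captured stdout."""
    result = subprocess.run(whois_argv(host), capture_output=True, text=True,
                            timeout=timeout, check=False)
    return result.stdout
```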