KICQ Remote Command Execution Vulnerability

vendor:

KICQ

by:

SecurityFocus

7.5

CVSS

HIGH

Remote Command Execution

CWE

Product Name: KICQ

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: N/A

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Unix

2002

KICQ Remote Command Execution Vulnerability

KICQ is an ICQ-compatible interactive messaging client for Unix. Versions of KICQ are vulnerable to remote execution of arbitrary commands embedded in URLs. A maliciously-composed URL containing shell metacharacters and shell commands can be sent in an instant message by an attacker. When the KICQ user clicks this link, the hostile code contained in the URL will execute with the privilege level of the user running KICQ.

Mitigation:

Users should avoid clicking on links from untrusted sources.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/2443/info

KICQ is an ICQ-compatible interactive messaging client for Unix. Versions of KICQ are vulnerable to remote execution of arbitrary commands embedded in URLs.

A maliciously-composed URL containing shell metacharacters and shell commands can be sent in an instant message by an attacker.

When the KICQ user clicks this link, the hostile code contained in the URL will execute with the privilege level of the user running KICQ. 

* Attacker composes malicious URL, ie:

http://www.attack.com/index.html'&xterm&'truehttp://www.attack.com </external/http://www.attack.com/index.html'&xterm&'truehttp://www.attack.com>..............................................................

('.' characters = spaces)

* To the target user, the above URL appears to be:

"http://www.attack.com/" </external/http://www.attack.com/>

* When the target user opens the URL, the shell commands contained within it (ie 'xterm') will be executed, potentially without warning to the user.