header-logo
Suggest Exploit
vendor:
freeware guestbook package
by:
Unknown
7.5
CVSS
HIGH
Arbitrary File Retrieval
Unknown
CWE
Product Name: freeware guestbook package
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: Unknown
Related CWE: Unknown
CPE: Unknown
Metasploit:
Other Scripts:
Platforms Tested: Unknown
Unknown

Vulnerability in freeware guestbook package

The freeware guestbook package from freeware.webcom.se provides a web-based guestbook feature, using CGI. Some versions of this guestbook (undetermined at the time of writing) are vulnerable to an attack allowing an intruder to retrieve the contents of arbitrary files to which the web server has access. This can be accomplished by specifying the path and filename as the parameter 'template' to either rguest.exe or wguest.exe - see Exploit for example. These two programs typically reside in /cgi-bin. A request for http://server/cgi-bin/wguest.exe?template=c:boot.ini will return the remote Web server's boot.ini.

Mitigation:

Unknown
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/2024/info

The freeware guestbook package from freeware.webcom.se provides a web-based guestbook feature, using CGI. Some versions of this guestbook (undetermined at the time of writing) are vulnerable to an attack allowing an intruder to retrieve the contents of arbitrary files to which the web server has access. This can be accomplished by specifying the path and filename as the parameter "template" to either rguest.exe or wguest.exe - see Exploit for example. These two programs typically reside in /cgi-bin. 

A request for http://server/cgi-bin/wguest.exe?template=c:\boot.ini will return the remote Web server's boot.ini

Navigation

Suggest Exploit

Services By CQR