vendor:
WebGlimpse
by:
Drazvan Popescu
7.5
CVSS
HIGH
Command Injection
78
CWE
Product Name: WebGlimpse
Affected Version From: GlimpseHTTP up to and including 2.0, and WebGlimpse prior to version 1.5
Affected Version To: N/A
Patch Exists: YES
Related CWE: CVE-2001-0206
CPE: o:webglimpse:webglimpse
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Unix
2001
WebGlimpse and GlimpseHTTP Command Injection Vulnerability
WebGlimpse and GlimpseHTTP are web indexing and search engine programs with some associated management scripts. GlimpseHTTP up to and including 2.0, and WebGlimpse prior to version 1.5, suffer from a common vulnerability involving the component "aglimpse". This script fails to filter the pipe metacharacter, allowing arbitrary command execution. The demonstration exploit for this vulnerability includes the unix shell "IFS" (Internal Field Separator) variable for situations where the web server filters space characters - by setting this to an acceptable character ("5" in the example exploit) it is possible to use commands with more than one field.
Mitigation:
Upgrade to the latest version of WebGlimpse and GlimpseHTTP.
