Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2003-2021 Tenable Network Security, Inc.ARGS_BAT.NASL
HistoryMar 25, 2003 - 12:00 a.m.

O'Reilly WebSite Pro args.bat Arbitrary Command Execution

2003-03-2500:00:00
This script is Copyright (C) 2003-2021 Tenable Network Security, Inc.
www.tenable.com
22
JSON

The CGI β€˜args.bat’ (and/or β€˜args.cmd’) is installed. This CGI has a well known security flaw that lets an attacker upload arbitrary files on the remote web server.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
 script_id(11465);
 script_version("1.20");
 script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

 script_cve_id("CVE-1999-1180");

 script_name(english:"O'Reilly WebSite Pro args.bat Arbitrary Command Execution");
 script_summary(english:"Checks for the presence of /cgi-dos/args.bat");

 script_set_attribute(attribute:"synopsis", value:
"The remote website is susceptible to a remote command execution
attack.");
 script_set_attribute(attribute:"description", value:
"The CGI 'args.bat' (and/or 'args.cmd') is installed. This CGI has a
well known security flaw that lets an attacker upload arbitrary files
on the remote web server.");
 script_set_attribute(attribute:"see_also", value:"https://seclists.org/bugtraq/1999/Feb/309");
 script_set_attribute(attribute:"solution", value:"There is no known solution at this time.");
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");

 script_set_attribute(attribute:"vuln_publication_date", value:"1999/02/16");
 script_set_attribute(attribute:"plugin_publication_date", value:"2003/03/25");

 script_set_attribute(attribute:"potential_vulnerability", value:"true");
 script_set_attribute(attribute:"plugin_type", value:"remote");
 script_end_attributes();


 script_category(ACT_GATHER_INFO);

 script_copyright(english:"This script is Copyright (C) 2003-2021 Tenable Network Security, Inc.");
 script_family(english:"CGI abuses");

 script_dependencie("http_version.nasl", "find_service1.nasl", "no404.nasl");
 script_require_keys("Settings/ParanoidReport");
 script_require_ports("Services/www", 80);
 exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("http.inc");

if (report_paranoia < 2) audit(AUDIT_PARANOID);

port = get_http_port(default:80);

res = is_cgi_installed3(item:"/cgi-dos/args.bat", port:port);
if (isnull(res)) exit (0);
if (res) { security_warning(port); exit(0); }

res = is_cgi_installed3(item:"/cgi-dos/args.cmd", port:port);

if (isnull(res)) exit (0);
if (res) { security_warning(port); exit(0); }

Related

cve 1
cve
cve
CVE-1999-1180
1999-02-16 05:00:00
JSON
Related for ARGS_BAT.NASL
cve1