Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 1999-2021 Mathieu PerrinGUESTBOOK_PL.NASL
HistoryDec 01, 1999 - 12:00 a.m.

Matt Wright guestbook.pl Arbitrary Command Execution

1999-12-0100:00:00
This script is Copyright (C) 1999-2021 Mathieu Perrin
www.tenable.com
620
JSON

The ‘guestbook.pl’ is installed. This CGI has a well known security flaw that lets anyone execute arbitrary commands with the privileges of the HTTP daemon (root or nobody).

#%NASL_MIN_LEVEL 70300
#
# This script was written by Mathieu Perrin <[email protected]>
#
# See the Nessus Scripts License for details
#

# Changes by Tenable:
# - Revised plugin title (4/16/009)

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
 script_id(10099);
 script_version("1.32");
 script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

 script_cve_id("CVE-1999-1053");
 script_bugtraq_id(776);

 script_name(english:"Matt Wright guestbook.pl Arbitrary Command Execution");
 script_summary(english:"Checks for the presence of /cgi-bin/guestbook.pl");

 script_set_attribute(attribute:"synopsis", value:"Arbitrary commands may be run on the remote host.");
 script_set_attribute(attribute:"description", value:
"The 'guestbook.pl' is installed. This CGI has a well known security
flaw that lets anyone execute arbitrary commands with the privileges
of the HTTP daemon (root or nobody).");
 script_set_attribute(attribute:"solution", value:"Remove the affected script.");
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
 script_set_cvss_temporal_vector("CVSS2#E:F/RL:U/RC:ND");
 script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"true");
 script_set_attribute(attribute:"metasploit_name", value:'Matt Wright guestbook.pl Arbitrary Command Execution');
 script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");

 script_set_attribute(attribute:"vuln_publication_date", value:"1999/11/05");
 script_set_attribute(attribute:"plugin_publication_date", value:"1999/12/01");

 script_set_attribute(attribute:"potential_vulnerability", value:"true");
 script_set_attribute(attribute:"plugin_type", value:"remote");
 script_end_attributes();

 script_category(ACT_GATHER_INFO);

 script_copyright(english:"This script is Copyright (C) 1999-2021 Mathieu Perrin");
 script_family(english:"CGI abuses");

 script_dependencie("find_service1.nasl", "http_version.nasl");
 script_require_keys("Settings/ParanoidReport");
 script_require_ports("Services/www", 80);

 exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("http_func.inc");
include("http_keepalive.inc");

if (report_paranoia < 2) audit(AUDIT_PARANOID);

port = get_http_port(default:80, embedded:TRUE);
res = is_cgi_installed_ka(item:"guestbook.pl", port:port);
if(res)security_hole(port);

Related

cve 1
packetstorm 1
openvas 1
cvelist 1
cve
cve
CVE-1999-1053
1999-09-13 04:00:00
packetstorm
packetstorm
Matt Wright guestbook.pl Arbitrary Command Execution
2009-10-30 00:00:00
openvas
openvas
guestbook.pl
2005-11-03 00:00:00
cvelist
cvelist
CVE-1999-1053
2001-09-12 04:00:00
JSON
Related for GUESTBOOK_PL.NASL
cve1packetstorm1openvas1cvelist1