Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 1999-2021 Tenable Network Security, Inc.INFO2WWW.NASL
HistoryJun 22, 1999 - 12:00 a.m.

Multiple Vendor info2www CGI Arbitrary Command Execution

1999-06-2200:00:00
This script is Copyright (C) 1999-2021 Tenable Network Security, Inc.
www.tenable.com
20

0.004 Low

EPSS

Percentile

74.3%

JSON

The ‘info2www’ CGI is installed. This CGI has a well known security flaw that lets an attacker execute arbitrary commands with the privileges of the http daemon (usually root or nobody).

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#


include('deprecated_nasl_level.inc');
include('compat.inc');

if(description)
{
 script_id(10127);
 script_version("1.35");

 script_cve_id("CVE-1999-0266");
 script_bugtraq_id(1995);

 script_name(english:"Multiple Vendor info2www CGI Arbitrary Command Execution");
 script_summary(english:"Checks for the presence of /cgi-bin/info2www");
 
 script_set_attribute(attribute:"synopsis", value:
"The remote web server is running a CGI that is affected by a remote
command execution vulnerability." );
 script_set_attribute(attribute:"description", value:
"The 'info2www' CGI is installed. This CGI has a well known security 
flaw that lets an attacker execute arbitrary commands with the 
privileges of the http daemon (usually root or nobody)." );
 script_set_attribute(attribute:"see_also", value:"https://seclists.org/bugtraq/1998/Mar/15" );
 script_set_attribute(attribute:"solution", value:
"There is no known solution at this time." );
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
 script_set_cvss_temporal_vector("CVSS2#E:F/RL:W/RC:ND");
 script_set_attribute(attribute:"plugin_publication_date", value: "1999/06/22");
 script_set_attribute(attribute:"vuln_publication_date", value: "1998/03/03");
 script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");
 script_set_attribute(attribute:"plugin_type", value:"remote");
 script_end_attributes();

 script_category(ACT_GATHER_INFO);
 
 script_copyright(english:"This script is Copyright (C) 1999-2021 Tenable Network Security, Inc.");
 script_family(english:"CGI abuses");

 script_dependencie("http_version.nasl", "find_service1.nasl", "no404.nasl");
 script_require_ports("Services/www", 80);
 script_exclude_keys("Settings/disable_cgi_scanning");
 exit(0);
}

#
# The script code starts here
#

include("global_settings.inc");
include("misc_func.inc");
include("http.inc");

port = get_http_port(default:80);

foreach dir (cgi_dirs())
{
  res = http_send_recv3(method:"GET", item:string(dir, "/info2www"), port:port);
  if (isnull(res)) exit(1, "The web server on port "+port+" failed to respond.");

  if(egrep(pattern:".*generated by info2www 1\.[01][^0-9].*", string:res[2])){
	security_hole(port);
	exit(0);
  }
}

Related

seebug 1
cve 1
cvelist 1
seebug
seebug
RoarSmithinfo2www远程执行任意命令漏洞
2008-10-25 00:00:00
cve
cve
CVE-1999-0266
1999-09-29 04:00:00
cvelist
cvelist
CVE-1999-0266
1999-09-29 04:00:00

0.004 Low

EPSS

Percentile

74.3%

JSON
Related for INFO2WWW.NASL
seebug1cve1cvelist1