WeHelpBUS rpm.cgi.in Query String Arbitrary Command Execution

2004-10-14T00:00:00
ID OSVDB:10838
Type osvdb
Reporter OSVDB
Modified 2004-10-14T00:00:00

Description

Vulnerability Description

WeHelpBUS contains a flaw that allows a remote command execution attack. This flaw exists because the application does not validate the QUERY_STRING variable upon submission to the rpm.cgi.in script. This allows users to execute shell commands with the privileges of the web server.
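As an added illustration (not WeHelpBUS's own code), the defensive pattern that closes this class of flaw: parse QUERY_STRING, check each value against a strict allowlist, and invoke rpm with an argument list so no shell ever sees the request. The parameter name pkg and the rpm -qi subcommand are assumptions; the advisory does not describe the script's interface.

```python
"""Hardened CGI front end for rpm (added example, not WeHelpBUS code).

Assumptions: the script expects one or more "pkg" parameters in
QUERY_STRING and answers with "rpm -qi <name>" output.
"""
import re
import subprocess
from urllib.parse import parse_qs

# Allowlist for an RPM package name: leading alphanumeric, then letters,
# digits, dot, underscore, plus or dash. Shell metacharacters such as
# ; | & ` $ ( ) < > and whitespace can never match, so they are rejected
# before anything is executed.
PACKAGE_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._+-]{0,127}$")


def parse_package_query(query_string):
    """Return the validated package names found in a raw QUERY_STRING.

    Raises ValueError for a missing parameter or any value that is not a
    well-formed package name, so malformed input is refused, not run.
    """
    params = parse_qs(query_string, keep_blank_values=True)
    packages = params.get("pkg", [])
    if not packages:
        raise ValueError("missing pkg parameter")
    for name in packages:
        if not PACKAGE_RE.match(name):
            raise ValueError("invalid package name: %r" % name)
    return packages


def build_rpm_argv(packages):
    """Build the argv list for rpm -qi. Names are separate arguments, not
    a command string, and "--" stops rpm from parsing them as options."""
    return ["rpm", "-qi", "--"] + list(packages)


def run_rpm_query(query_string):
    """Validate first, then execute with shell=False (argv list form)."""
    argv = build_rpm_argv(parse_package_query(query_string))
    result = subprocess.run(argv, capture_output=True, text=True, check=False)
    return result.stdout
```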

Solution Description

Upgrade to version 0.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor URL: http://wehelpbus.sourceforge.net/
Vendor Specific News/Changelog Entry: http://sourceforge.net/project/shownotes.php?release_id=275295
Security Tracker: 1011743
Secunia Advisory ID: 12831
Related OSVDB ID: 10839
Related OSVDB ID: 10835
Related OSVDB ID: 10777
Related OSVDB ID: 10834
Related OSVDB ID: 10836
Related OSVDB ID: 10837
CVE ID: CVE-2004-2183
Bugtraq ID: 11431