DCForum dcboard.cgi az Hidden Field Remote Execution

2003-03-31T00:00:00
ID OSVDB:3861
Type osvdb
Reporter OSVDB
Modified 2003-03-31T00:00:00

Description

Vulnerability Description

DCForum contains a flaw that allows a remote attacker to execute commands remotely. The issue is due to the dcboard.cgi file not properly sanitizing the "az=" hidden field. If an attacker changes this field to include an arbitrary file with perl commands, they will be executed by the vulnerable server during script processing.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, DCScripts.com has released a patch to address this vulnerability.

Short Description

DCForum contains a flaw that allows a remote attacker to execute commands remotely. The issue is due to the dcboard.cgi file not properly sanitizing the "az=" hidden field. If an attacker changes this field to include an arbitrary file with perl commands, they will be executed by the vulnerable server during script processing.

References:

Vendor Specific Solution URL: http://www.dcscripts.com/FAQ/sec_2001_03_31.html Snort Signature ID: 1571 Related OSVDB ID: 3867 Related OSVDB ID: 3862 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2001-04/0269.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2001-04/0304.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2001-04/0275.html ISS X-Force ID: 6393 CVE-2001-0437 Bugtraq ID: 2611