Meteo meteobrowser.php Arbitrary Command Execution

2004-04-28T00:00:00
ID OSVDB:5942
Type osvdb
Reporter Kirk Meyer
Modified 2004-04-28T00:00:00

Description

Vulnerability Description

Meteo contains a flaw that may allow a remote attacker to execute arbitrary commands. The meteobrowser.php script does not properly escape arguments passed to the system() call, so a specially crafted URL may let a remote attacker execute arbitrary commands with the privileges of the web server.
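
The flaw class described above, shown as an added example (not Meteo's code and not the change made in 0.9.12): a command line built by plain concatenation beside one that validates the value and quotes it with escapeshellarg(). The `station` parameter, the program path and the function names are hypothetical.

```php
<?php
// Added illustration; NOT Meteo's source. The program path, the "station"
// value and the helper names are hypothetical.
const GRAPH_BIN = '/usr/local/bin/graph-tool'; // hypothetical helper program

// Flawed pattern: request data is concatenated into the shell command line,
// so the shell interprets any metacharacters the value contains.
function build_command_unsafe(string $station): string
{
    return GRAPH_BIN . ' --station ' . $station;
}

// Hardened pattern: check the value against its expected shape first, then
// quote it so the shell sees exactly one argument.
function build_command_safe(string $station): string
{
    if (!preg_match('/\A[A-Za-z0-9_-]{1,32}\z/', $station)) {
        throw new InvalidArgumentException('unexpected station name');
    }
    return GRAPH_BIN . ' --station ' . escapeshellarg($station);
}

// Constructed inputs: one ordinary value, one carrying a shell metacharacter.
$samples = ['station1', 'station1; echo INJECTED'];

foreach ($samples as $value) {
    echo 'input:  ', $value, PHP_EOL;
    echo 'unsafe: ', build_command_unsafe($value), PHP_EOL;
    try {
        echo 'safe:   ', build_command_safe($value), PHP_EOL;
    } catch (InvalidArgumentException $e) {
        echo 'safe:   rejected (', $e->getMessage(), ')', PHP_EOL;
    }
    // escapeshellarg() on its own: the value stays a single quoted argument.
    echo 'quoted: ', GRAPH_BIN, ' --station ', escapeshellarg($value), PHP_EOL, PHP_EOL;
}
// Nothing is executed here; the command strings are only printed so the
// difference in what the shell would receive can be compared.
```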

Solution Description

Upgrade to version 0.9.12 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.


References:

Vendor URL: http://meteo.othello.ch/