Webcom Guestbook rguest.exe Arbitrary File Access

1999-04-09T20:41:39
ID OSVDB:6016
Type osvdb
Reporter David Litchfield(mnemonix@globalnet.co.uk)
Modified 1999-04-09T20:41:39

Description

Vulnerability Description

Webcom's Guestbook CGI (rguest.exe) contains a flaw that may lead to unauthorized information disclosure. With a specially crafted request using the "template" parameter, a remote attacker could read any file on the system, disclosing sensitive information and resulting in a loss of confidentiality.

Solution Description

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround: Remove the WebCom Guestbook CGI components from your Web server.

Short Description

Webcom's Guestbook CGI (rguest.exe) contains a flaw that may lead to unauthorized information disclosure. With a specially crafted request using the "template" parameter, a remote attacker could read any file on the system, disclosing sensitive information and resulting in a loss of confidentiality.

Manual Testing Notes

http://[victim]/cgi-bin/rguest.exe?template=c:\winnt\system32\$winnt$.inf
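As an added defensive example (not part of the OSVDB record and not the vendor's code), the Python below shows the check a CGI should apply to a "template" parameter before opening a file, and runs it over a few constructed log lines to flag requests to rguest.exe that pass a path instead of a template name. The log format, the `.tpl` allowlist and the parameter handling are assumptions.

```python
import re
from urllib.parse import parse_qs, unquote

# Constructed sample log lines: client ip, method, uri-stem, uri-query.
SAMPLE_LOG = """\
10.0.0.5 GET /cgi-bin/rguest.exe template=default.tpl
10.0.0.9 GET /cgi-bin/rguest.exe template=c:\\winnt\\system32\\$winnt$.inf
10.0.0.7 GET /cgi-bin/rguest.exe template=..%2F..%2Fwinnt%2Fwin.ini
10.0.0.3 GET /index.html -
"""

# Assumed allowlist: a template is a bare file name ending in .tpl, no path parts.
TEMPLATE_NAME = re.compile(r"^[A-Za-z0-9_-]+\.tpl$")


def classify_template(value: str) -> str:
    """Return 'ok' for an acceptable template name, otherwise why it was rejected."""
    decoded = unquote(unquote(value))  # tolerate double URL-encoding
    if re.match(r"^([A-Za-z]:|[\\/])", decoded):
        return "absolute-path"  # drive letter or leading slash/backslash
    if ".." in decoded.replace("\\", "/").split("/"):
        return "traversal"
    if not TEMPLATE_NAME.fullmatch(decoded):
        return "bad-name"
    return "ok"


def scan_log(log_text: str) -> list:
    """Flag rguest.exe requests whose template parameter fails the allowlist."""
    findings = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        client, _method, stem, query = parts
        if not stem.lower().endswith("/rguest.exe") or query == "-":
            continue
        params = parse_qs(query, keep_blank_values=True)
        for value in params.get("template", []):
            verdict = classify_template(value)
            if verdict != "ok":
                findings.append((client, verdict, unquote(value)))
    return findings


if __name__ == "__main__":
    for client, verdict, value in scan_log(SAMPLE_LOG):
        print(f"{client}: {verdict}: {value}")
```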

References:

Vendor URL: http://www.webcom.se
Related OSVDB ID: 6015
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/1999_2/0080.html
ISS X-Force ID: 2072
CVE ID: CVE-1999-0467
CVE ID: CVE-1999-0287
Bugtraq ID: 2024