WebStore ws_mail.cgi Kill Parameter Arbitrary Command Executions

2001-06-21T00:00:00
ID OSVDB:6763
Type osvdb
Reporter OSVDB
Modified 2001-06-21T00:00:00

Description

Vulnerability Description

WebStore contains a flaw that may allow a malicious user to execute arbitrary commands. The issue is triggered because the script passes the value of the kill variable to the system() command without properly sanitizing it. It is possible that the flaw may allow a remote attacker to execute arbitrary commands with the privileges of the WebStore script.

Solution Description

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround:

Substitute all instances of:

system("kill $in{'kill'}")

with:

system("kill", "$in{'kill'}")
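The workaround in context, as an added example that is not WebStore's code: a single-string argument to system() is handed to /bin/sh, whereas the list form execs kill(1) directly with the PID as one argv element, so no shell ever parses the value. The valid_pid check, the fixed signal and the constructed %in hash are assumptions of this example, not part of the advisory.

```perl
#!/usr/bin/perl
# Added example illustrating the OSVDB workaround; not WebStore's own code.
use strict;
use warnings;

# Assumed policy (not from the advisory): accept only a plain decimal PID,
# so malformed values are rejected before any command is built.
sub valid_pid {
    my ($pid) = @_;
    return (defined $pid && $pid =~ /^[1-9][0-9]{0,9}$/) ? 1 : 0;
}

# Vulnerable form from the advisory (shown, never called here). With a
# single string argument, Perl's system() runs the command through /bin/sh,
# so shell metacharacters in $in{'kill'} are interpreted by the shell.
#   system("kill $in{'kill'}");

# Hardened form: the list form of system() bypasses the shell entirely.
# $signal is chosen by the script, never taken from the request.
sub safe_kill {
    my ($pid, $signal) = @_;
    $signal = 'TERM' unless defined $signal;
    return unless valid_pid($pid);
    my $rc = system('kill', "-$signal", $pid);   # list form: argv, no shell
    return $rc == 0 ? 1 : 0;
}

# Harmless self-test: signal 0 only checks that the target process exists,
# and the target is this script's own PID.
my %in = (kill => $$);    # constructed stand-in for the script's %in input hash
print valid_pid($in{'kill'}) ? "pid accepted\n" : "pid rejected\n";
print safe_kill($in{'kill'}, 0) ? "kill -0 succeeded\n" : "kill -0 failed\n";
print valid_pid('12 34') ? "unexpected\n" : "malformed value rejected\n";
```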

References:

Vendor URL: http://www.cgicentral.net/
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2001-06/0142.html
ISS X-Force ID: 6685
Generic Exploit URL: http://www.securityfocus.com/data/vulnerabilities/exploits/webstorekill.pl
CVE-2001-1343
Bugtraq ID: 2861