evuln.MyQuiz.txt

2006-02-06T00:00:00
ID PACKETSTORM:43593
Type packetstorm
Reporter Aliaksandr Hartsuyeu
Modified 2006-02-06T00:00:00

Description

                                        
                                            `New eVuln Advisory:  
MyQuiz Arbitrary Command Execution Vulnerability  
http://evuln.com/vulns/57/summary.html  
  
--------------------Summary----------------  
  
Software: MyQuiz  
Sowtware's Web Site: http://www.corantodemo.net/  
Versions: 1.01  
Critical Level: Dangerous  
Type: Command Execution  
Class: Remote  
Status: Unpatched. Developer(s) contacted.  
Exploit: Available  
Solution: Not Available  
Discovered by: Aliaksandr Hartsuyeu (eVuln.com)  
eVuln ID: EV0057  
  
-----------------Description---------------  
Vulnerable Script: myquiz.pl  
  
Variable $ENV{'PATH_INFO'} isn't properly sanitized. This can be used to execute arbitrary commands.  
  
System access is possible.  
  
--------------Exploit----------------------  
Available at: http://evuln.com/vulns/57/exploit.html  
  
Url Example:  
  
http://host/cgi-bin/myquiz.pl/ask/;command|  
  
  
  
--------------Solution---------------------  
No Patch available.  
  
--------------Credit-----------------------  
Discovered by: Aliaksandr Hartsuyeu (eVuln.com)  
  
`