
9784 matches found

CERT
added 2001/01/28 12:0 a.m. | 38 views

phf CGI Script fails to guard against newline characters

Overview: This document describes a vulnerability in a CGI script known as phf which was widely exploited in 1996 and 1997. Description: The phf CGI script constructs a partial command line consisting of the ph command and appropriate arguments, and completes the command line based on the input fro...

10 CVSS | 6.8 AI score | 0.86871 EPSS
Exploits 0 | References 4

securityvulns
added 2001/01/25 12:0 a.m. | 19 views

Hole in PlanetIntra

Buffer overflow in one of the CGI files...

1.1 AI score
Exploits 0 | References 1 | Affected Software 1

Cvelist
added 2001/01/22 5:0 a.m. | 20 views

CVE-2000-0255

The Nbase-Xyplex EdgeBlaster router allows remote attackers to cause a denial of service via a scan for the FormMail CGI program...

6.6 AI score | 0.0133 EPSS
Exploits 1 | References 2

Cvelist
added 2001/01/22 5:0 a.m. | 19 views

CVE-2000-0878

The mailto CGI script allows a remote attacker to execute arbitrary commands via shell metacharacters in the emailadd form field...

7.5 AI score | 0.02165 EPSS
Exploits 0 | References 3

Cvelist
added 2001/01/22 5:0 a.m. | 20 views

CVE-2000-0923

authenticate.cgi CGI program in Aplio PRO allows remote attackers to execute arbitrary commands via shell metacharacters in the password parameter...

7.8 AI score | 0.03592 EPSS
Exploits 1 | References 3

Cvelist
added 2001/01/22 5:0 a.m. | 19 views

CVE-2000-0977

mailfile.cgi CGI program in MailFile 1.10 allows remote attackers to read arbitrary files by specifying the target file name in the "filename" parameter in a POST request, which is then sent by email to the address specified in the "email" parameter...

6.7 AI score | 0.08604 EPSS
Exploits 1 | References 3

Cvelist
added 2001/01/22 5:0 a.m. | 23 views

CVE-2000-0941

Kootenay Web KW Whois 1.0 CGI program allows remote attackers to execute arbitrary commands via shell metacharacters in the "whois" parameter...

7.7 AI score | 0.13461 EPSS
Exploits 1 | References 5

CVE
added 2001/01/22 5:0 a.m. | 49 views

CVE-2000-0941

The CVE-2000-0941 entry concerns the KW Whois CGI script (KW Web) version 1.0, which fails to filter shell metacharacters in the 'whois' parameter. This allows an unauthenticated, remote attacker to execute arbitrary commands with the privileges of the http daemon. The vulnerability is demonstrat...

10 CVSS | 7.7 AI score | 0.13461 EPSS
Exploits 1 | References 5 | Affected Software 1

CVE
added 2001/01/22 5:0 a.m. | 40 views

CVE-2000-0878

The CVE-2000-0878 entry notes a vulnerability in a mailto CGI script where a remote attacker can execute arbitrary commands through shell metacharacters in the emailadd form field. This is a remote code execution risk stemming from unsafely handling input in a CGI script. The issue is described w...

7.5 CVSS | 7.9 AI score | 0.02165 EPSS
Exploits 0 | References 3 | Affected Software 1

CVE
added 2001/01/22 5:0 a.m. | 35 views

CVE-2000-0912

The CVE-2000-0912 entry concerns the MultiHTML CGI script (multihtml.pl). Affected component: the multihtml.pl CGI. The underlying issue is a traversal/file-access vulnerability where the attacker can specify the file name via the multi parameter, enabling reading of arbitrary files on the remote...

5 CVSS | 7.5 AI score | 0.0364 EPSS
Exploits 0 | References 2 | Affected Software 1

CVE
added 2001/01/22 5:0 a.m. | 49 views

CVE-2000-0977

The CVE-2000-0977 issue affects MailFile 1.10 via mailfile.cgi, where a remote attacker can read arbitrary files by supplying a target filename in the POST parameter and having it emailed to the address in the email parameter. The underlying cause is improper handling of the filename parameter in...

5 CVSS | 6.7 AI score | 0.08604 EPSS
Exploits 1 | References 3 | Affected Software 1

Cvelist
added 2001/01/22 5:0 a.m. | 24 views

CVE-2000-1132

DCForum cgforum.cgi CGI script allows remote attackers to read arbitrary files, and delete the program itself, via a malformed "forum" variable...

6.7 AI score | 0.09276 EPSS
Exploits 1 | References 5

Cvelist
added 2001/01/22 5:0 a.m. | 18 views

CVE-2000-0912

MultiHTML CGI script allows remote attackers to read arbitrary files and possibly execute arbitrary commands by specifying the file name to the "multi" parameter...

7.5 AI score | 0.0364 EPSS
Exploits 0 | References 2

Cvelist
added 2001/01/22 5:0 a.m. | 25 views

CVE-2000-0952

global.cgi CGI program in Global 3.55 and earlier on NetBSD allows remote attackers to execute arbitrary commands via shell metacharacters...

7.7 AI score | 0.05131 EPSS
Exploits 0 | References 3

CVE
added 2001/01/22 5:0 a.m. | 50 views

CVE-2000-0255

The CVE-2000-0255 entry affects the Nbase-Xyplex EdgeBlaster router. The vulnerability arises when an attacker performs a scan for the FormMail CGI program, which can cause a denial of service. Documented impact is network-based, with availability impact described as PARTIAL. The provided sources...

5 CVSS | 7 AI score | 0.0133 EPSS
Exploits 1 | References 2 | Affected Software 1

Cvelist
added 2001/01/22 5:0 a.m. | 18 views

CVE-2000-1014

Format string vulnerability in the search97.cgi CGI script in SCO help http server for Unixware 7 allows remote attackers to execute arbitrary commands via format characters in the queryText parameter...

7.6 AI score | 0.11512 EPSS
Exploits 1 | References 4

CVE
added 2001/01/22 5:0 a.m. | 58 views

CVE-2000-1005

The CVE-2000-1005 entry concerns directory traversal in eXtropia WebStore CGI scripts (html_web_store.cgi and web_store.cgi). An attacker can read arbitrary files by supplying a .. (dot dot) path in the page parameter, enabling remote file disclosure. The vulnerability is evidenced by multiple so...

5 CVSS | 6.7 AI score | 0.03667 EPSS
Exploits 1 | References 3 | Affected Software 1

Cvelist
added 2001/01/22 5:0 a.m. | 21 views

CVE-2000-0944

CGI Script Center News Update 1.1 does not properly validate the original news administration password during a password change operation, which allows remote attackers to modify the password without knowing the original password...

9.6 AI score | 0.11265 EPSS
Exploits 1 | References 3

Cvelist
added 2001/01/22 5:0 a.m. | 26 views

CVE-2000-0868

The default configuration of Apache 1.3.12 in SuSE Linux 6.4 allows remote attackers to read source code for CGI scripts by replacing the /cgi-bin/ in the requested URL with /cgi-bin-sdb/...

6.8 AI score | 0.44717 EPSS
Exploits 0 | References 4

CVE
added 2001/01/22 5:0 a.m. | 107 views

CVE-2000-0287

The CVE-2000-0287 vulnerability affects BizDB’s web database integration product, specifically the Perl CGI script bizdb-search.cgi. The flaw arises when the dbname parameter is passed to an unchecked open() call, allowing remote attackers to execute commands at the webserver’s privilege level by...

10 CVSS | 7.6 AI score | 0.10625 EPSS
Exploits 1 | References 2 | Affected Software 1