Network Security Wizards Dragon-Fire IDS 1.0 - Command Execution

source: https://www.securityfocus.com/bid/564/info The Dragon-Fire IDS remote web interface under version 1.0 has an insecure CGI script which allows for users to remotely execute commands as the user nobody. This could lead to a remote compromise of the system running Dragon-Fire. Via the web...

Network Security Wizards Dragon-Fire IDS 1.0 - Command Execution

Network Security Wizards Dragon-Fire IDS 1.0 - Command Execution source: https://www.securityfocus.com/bid/564/info The Dragon-Fire IDS remote web interface under version 1.0 has an insecure CGI script which allows for users to remotely execute commands as the user nobody. This could lead to a...