Darryl Burgdorf Webhints Remote Command Execution Vulnerability

2005-05-09T00:00:00
ID SMNTC-13930
Type symantec
Reporter Symantec Security Response
Modified 2005-05-09T00:00:00

Description

Description

Darryl Burgdorf Webhints is prone to a remote command execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.

Technologies Affected

  • Colored Scripts Easy Message Board
  • Darryl Burgdorf Webhints 1.3.0

Recommendations

Block external access at the network boundary, unless external parties require service.
If possible, block access to the server at the network perimeter. Only allow trusted computers and networks to have access to the resources.

Deploy network intrusion detection systems to monitor network traffic for malicious activity.
Deploy network intrusion detection systems to monitor the network for suspicious network traffic containing operating system commands or metacharacters. This may aid in detecting attacks that attempt to exploit this and similar vulnerabilities. IDS and server logs should be reviewed on a regular basis.

Run all software as a nonprivileged user with minimal access rights.
The hosting Web server should be run in a chrooted or jailed environment with the minimal amount of privileges required for functionality. This will reduce the impact of successful exploitation.

Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.