SecurityTracker.com
Category:  Application (Generic)  >  CSV_DB
Vendors:  K-COLLECT
CSV_DB Input Validation Hole Lets Remote Users Execute Arbitrary Commands
SecurityTracker Alert ID:  1014299
SecurityTracker URL:  http://securitytracker.com/id?1014299
CVE Reference:  GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Jun 27 2005
Impact:  Execution of arbitrary code via network, User access via network
Exploit Included:  Yes   Vendor Confirmed:  Yes  
Version(s): 1.00
Description:  blahplok reported a vulnerability in CSV_DB. A remote user can execute arbitrary commands on the target system.

The 'csv_db.cgi' script does not properly validate user-supplied input in the 'file' parameter. A remote user can append a shell command, delimited by '|' characters, to the end of the file parameter value; the script passes the value through unchecked and the command is executed on the server.

A demonstration exploit URL is provided:

http://[target]/csv_db/csv_db.cgi?file=file.extension|command|
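The trailing '|' in that payload is what a Perl two-argument open() turns into a shell pipe when it is handed the raw parameter; the advisory does not state how csv_db.cgi is written, so treat that mechanism as an assumption. What a practitioner wants here is the check the script should have applied, plus a way to find the same pattern in web server logs. The following is an added example, not code from the advisory or from K-COLLECT's software: an allowlist-and-confinement validator for the 'file' parameter, a request classifier, and a scanner over constructed Combined-Log-Format lines (the IPs, file names and log lines are invented for illustration).

```python
import re
from pathlib import Path
from urllib.parse import parse_qs, urlsplit

# Allowlist for the 'file' parameter: a bare CSV file name, no path separators,
# no shell metacharacters. The allowlist is the real control; the denylist below
# only exists to name the attack pattern in the scanner's verdict.
SAFE_CSV_NAME = re.compile(r"^[A-Za-z0-9_-]{1,64}\.csv$")

# Metacharacters that should never reach a shell via a file-name parameter.
SHELL_META = re.compile(r"[|;&`$<>\n\r]")


def file_param(request_target):
    """Return the URL-decoded 'file' parameter from a request target such as
    '/csv_db/csv_db.cgi?file=x.csv', or None when it is absent."""
    query = urlsplit(request_target).query
    values = parse_qs(query, keep_blank_values=True).get("file")
    return values[0] if values else None


def validate_csv_name(value, base_dir):
    """Hardened check a CSV_DB-style script should apply before opening anything.
    Returns the resolved path inside base_dir, or raises ValueError."""
    if value is None or not SAFE_CSV_NAME.fullmatch(value):
        raise ValueError("file parameter is not a plain *.csv name")
    base = Path(base_dir).resolve()
    target = (base / value).resolve()
    # Path confinement: after resolving symlinks the file must still sit
    # directly under base_dir (defence in depth on top of the allowlist).
    if target.parent != base:
        raise ValueError("file parameter escapes the data directory")
    return target


def classify_request(request_target):
    """'clean' when the file parameter passes the allowlist, 'injection' when it
    carries shell metacharacters (the |command| pattern from the advisory),
    'suspect' when it merely fails the allowlist (e.g. path traversal)."""
    value = file_param(request_target)
    if value is None:
        return "no-file-param"
    if SHELL_META.search(value):
        return "injection"
    if SAFE_CSV_NAME.fullmatch(value):
        return "clean"
    return "suspect"


def scan_access_log(lines):
    """Run classify_request over Combined-Log-Format lines and return
    (client_ip, verdict, decoded file value) for every csv_db.cgi request
    that is not clean."""
    findings = []
    for line in lines:
        parts = line.split('"')
        if len(parts) < 2:
            continue
        request = parts[1].split()  # ['GET', '/csv_db/csv_db.cgi?file=...', 'HTTP/1.1']
        if len(request) < 2 or "csv_db.cgi" not in request[1]:
            continue
        verdict = classify_request(request[1])
        if verdict != "clean":
            findings.append((line.split()[0], verdict, file_param(request[1])))
    return findings


# Constructed sample log lines (not from the advisory): one legitimate request,
# one carrying the advisory's |command| pattern URL-encoded, one path traversal.
SAMPLE_LOG = [
    '203.0.113.7 - - [27/Jun/2005:10:00:01 +0000] "GET /csv_db/csv_db.cgi?file=members.csv HTTP/1.1" 200 512',
    '198.51.100.9 - - [27/Jun/2005:10:00:02 +0000] "GET /csv_db/csv_db.cgi?file=members.csv%7Cid%7C HTTP/1.1" 200 233',
    '198.51.100.9 - - [27/Jun/2005:10:00:03 +0000] "GET /csv_db/csv_db.cgi?file=../../etc/passwd HTTP/1.1" 200 1024',
]

if __name__ == "__main__":
    for ip, verdict, value in scan_access_log(SAMPLE_LOG):
        print(f"{ip}\t{verdict}\t{value!r}")
```

Note that the scanner decodes the query string before matching, since an attacker will send '|' as %7C; and that a fix which only strips '|' would still leave the script open to traversal and to other metacharacters, which is why validate_csv_name enforces a strict allowlist and then confines the resolved path rather than filtering bad characters.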

Impact:  A remote user can execute arbitrary commands on the target system with the privileges of the target web service.
Solution:  No solution was available at the time of this entry.

The vendor recommends against using this software due to security vulnerabilities.

Vendor URL:  www.k-collect.net/cgi_lab/csv_db.htm (Links to External Site)
Cause:  Input validation error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)
Reported By:  evy pk <blahplok@yahoo.com>
Message History:   None.


 Source Message Contents

Date:  Fri, 24 Jun 2005 02:36:35 -0700 (PDT)
From:  evy pk <blahplok@yahoo.com>
Subject:  remote command execution in csv-Database Ver1.00

 
 
remote command execution in csv-Database Ver1.00
 
Developed by: K-COLLECT
http://www.k-collect.net
Program Name:csv-Database Ver1.00
 
An attacker may exploit this vulnerability to execute commands on the remote host by adding special parameters to the csv_db.cgi script.
 
Proof Of Concept:
http://[target]/csv_db/csv_db.cgi?file=file.extension|command|
 
 
Solution: None at this time
Risk factor: High
Vendor: no response
 
 
 
Copyright 2005, SecurityGlobal.net LLC