SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Security)  >   SHADOW Vendors:   CIDER Project
CIDER Project's SHADOW Intrusion Detection Software Allows Remote Users to Execute Arbitrary Code on the Server with Web Server Privileges
SecurityTracker Alert ID:  1004184
SecurityTracker URL:  http://securitytracker.com/id/1004184
CVE Reference:   CVE-2002-0091   (Links to External Site)
Date:  Apr 30 2002
Impact:   Execution of arbitrary code via network, User access via network

Version(s): 1.5, 1.6
Description:   A vulnerability was reported in the CIDER Project's SHADOW intrusion detection product. A remote user can execute arbitrary commands on the system with the privileges of the web server.

eSecurityOnline reported that there are input filtering flaws in some of the CGI code. A remote user can send a specially crafted URL to several of the CGI scripts to execute commands with the privileges of the running web server. No further details were provided.

Impact:   A remote user can execute arbitrary code on the system with the privileges of the web server.
Solution:   No solution was available at the time of this entry.

[Editor's note: The report indicates that versions 1.5 and 1.6 are vulnerable, while the latest version available from the vendor is 1.7. It is not clear if 1.7 corrects this flaw or not. We will modify this alert when confirmation is received.]

The author of the report has provided the following technical recommendation:

"By design, the analyzer web interface should only be reachable through an internal network and with password authentication. Since the possibility remains that an attacker can reach the analyzer, disable network access to the web interface and only view the web pages locally."

Vendor URL:  www.nswc.navy.mil/ISSEC/CID/ (Links to External Site)
Cause:   Input validation error
Underlying OS:  Linux (Any), UNIX (Any)

Message History:   None.


 Source Message Contents

Subject:  eSecurityOnline Security Advisory 2408 - CIDER SHADOW CGI



eSO Security Advisory:  2408  
Discovery Date:         April 3, 2000 
ID:                     eSO:2408
Title:                  CIDER SHADOW CGI arbitrary command execution
                        vulnerabilities 
Impact:                 Remote attackers can execute commands with the
                        privileges of the running web server process
Affected Technology:    CIDER SHADOW 1.5, 1.6 
Vendor Status:          Vendor informed
Discovered By:          Kevin Kotas of the eSecurityOnline Research
                        and Development Team 
CVE Reference:          CAN-2002-0091 

Advisory Location:
http://www.eSecurityOnline.com/advisories/eSO2408.asp 

Description:
The CIDER Project's SHADOW intrusion detection utility is vulnerable to
CGI implementation flaws that allow a remote attacker to run arbitrary
commands on the analyzer. The problem occurs due to insufficient
character verification of sent variables. For multiple CGI scripts, an
attacker can send a specially crafted URL and execute commands with
the privileges of the running server.  

Technical Recommendation:
By design, the analyzer web interface should only be reachable through
an internal network and with password authentication. Since the
possibility remains that an attacker can reach the analyzer, disable
network access to the web interface and only view the web pages
locally.  

Copyright 2002 eSecurityOnline LLC.  All rights reserved.  

THE INFORMATION IN THIS VULNERABILITY ALERT IS PROVIDED BY 
ESECURITYONLINE LLC "AS IS", "WHERE IS", WITH NO WARRANTY OF ANY KIND,
AND ESECURITYONLINE LLC HEREBY DISCLAIMS THE IMPLIED WARRANTIES OF 
NON-INFRINGEMENT, MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE.  ESECURITYONLINE LLC SHALL HAVE NO LIABILITY FOR ANY DAMAGE,
CLAIM OR LOSS RESULTING FROM YOUR USE OF THE INFORMATION CONTAINED IN
THIS VULNERABILITY ALERT.

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC