Dragon-Fire IDS Vulnerability

Vulnerability Details

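Vulnerability Summary

The dfire.cgi script in Dragon-Fire IDS contains a vulnerability. A remote user can execute commands by means of shell metacharacters.

Vulnerability Advisory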

NSW issued an immediate fix to its user community via a customer security bulletin. The fix instructions here are taken from this bulletin.
If you have Dragon-Fire exposed to the Internet, please modify it now and take the steps outlined here to patch it.
1] Open dfire.cgi with vi.
2] Go to line 215 with a ':215' command.
3] The line should read:
    $command = $command . '-f ' . $db . $input{'database'} . '/dragon.db';
It may be slightly off if you have modified the dfire.cgi script.
4] Below that line please add the following two lines:
    $AOK = '-a-zA-Z0-9_.+:/';
    $command =~ s/[^$AOK]/ /go;
5] Verify that the new Dragon-Fire works by performing a few queries.
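
Added example, not part of the NSW bulletin or of dfire.cgi: it runs the bulletin's allowlist substitution over constructed values of the 'database' parameter and sets it beside a stricter check that rejects a bad value instead of rewriting it. The tool path, the DB root, the sample values and the sub names bulletin_filter and valid_database_name are assumptions made for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Placeholders (assumptions): the real tool path and DB root are not on the page.
my $tool = '/path/to/query-tool';
my $db   = '/path/to/db/';

# The bulletin's two lines as a sub: every character outside the
# allowlist, shell metacharacters included, is replaced by a space.
sub bulletin_filter {
    my ($command) = @_;
    my $AOK = '-a-zA-Z0-9_.+:/';
    $command =~ s/[^$AOK]/ /g;
    return $command;
}

# Stricter check on the parameter itself (hypothetical helper): accept only
# a short name made of letters, digits and underscore, otherwise refuse.
# Unlike the filter, this also refuses '.', '/' and '-' inside the name.
sub valid_database_name {
    my ($name) = @_;
    return defined $name && $name =~ /\A[A-Za-z0-9_]{1,64}\z/ ? 1 : 0;
}

# Constructed sample values for the 'database' CGI parameter.
my @samples = (
    'sensor1',
    'sensor1; echo INJECTED',
    'sensor1`echo INJECTED`',
    'sensor1 | echo INJECTED',
    '../sensor1',
);

for my $value (@samples) {
    # Same shape as line 215 of the script: the value lands inside a command string.
    my $command = $tool . ' -f ' . $db . $value . '/dragon.db';
    printf "input    : %s\n",   $value;
    printf "filtered : %s\n",   bulletin_filter($command);
    printf "strict   : %s\n\n", valid_database_name($value) ? 'accepted' : 'rejected';
}

# Once the name is validated, passing the arguments as a list keeps any
# shell from parsing them:
#   system($tool, '-f', "$db$name/dragon.db") == 0 or die "query failed: $?";
```

The filtered line shows that the metacharacters are gone but the rest of the injected text stays in the command as extra words, which is why rejecting the request is the cleaner outcome.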

References

Source: BID
Name: 564
Link: http://www.securityfocus.com/bid/564

Source: BUGTRAQ
Name: 19990804 NSW Dragon Fire gets drowned
Link: http://marc.theaimsgroup.com/?l=bugtraq&m=93383593909438&w=2
