ikonboard任意命令执行漏洞

漏洞信息详情

ikonboard任意命令执行漏洞

• CNNVD编号：CNNVD-200102-070
• 危害等级： 超危
  
  
• CVE编号：
  CVE-2001-0076
  
• 漏洞类型：
  
  
  输入验证
  
• 发布时间：
  
  2001-02-12
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-10-20
  
• 厂        商：
  
  ikonboard.com
• 漏洞来源：
  This vulnerability…

Ikonboard 2.1.7b及其早期版本的register.cgi存在漏洞。远程攻击者借助SEND_MAIL参数执行任意命令，该漏洞改写内部引用程序执行的程序变量。

This code was sent by Gijs Hollestelle and is reportedly the official vendor fix to the problem code:
From register.cgi:
@params = $query->param;
foreach $param(@params) {
$theparam = $query->param($param);
$theparam = &unHTML(“$theparam”);
${$param} = $theparam;
}
Replace with:
for (‘inmembername’,’password’,’emailaddress’,
‘showemail’,’homepage’,’aolname’,’icqnumber’,’location’,’interests’,
‘signature’,’timedifference’,’useravatar’,’action’) {
next unless defined $_;
next if $_ eq ‘SEND_MAIL’;
$tp = $query->param($_);
$tp = &unHTML(“$tp”);
${$_} = $tp;
}
@gewis.win.tue.nl>

来源: BID
名称: 2157
链接:http://www.securityfocus.com/bid/2157

来源: BUGTRAQ
名称: 20001228 Remote vulnerability in Ikonboard upto version 2.1.7b
链接:http://archives.neohapsis.com/archives/bugtraq/2000-12/0483.html

来源: XF
名称: http-cgi-ikonboard
链接:http://xforce.iss.net/static/5819.php