Vulnerability Note VU#453475
PGPMail.pl does not adequately validate user input thereby allowing arbitrary command execution
Overview
PGPMail.pl does not adequately filter user input, allowing arbitrary command execution.
Description
PGPMail.pl is an adaptation of the FormMail.pl CGI script, enhanced to use PGP encryption. PGPMail.pl does not adequately filter the "recipient" and "pgpuserid" CGI variables before passing them to piped Perl open() function calls, inevoking shells. As a result, attackers may execute arbitrary commands on the server with privileges of the web server process. |
Impact
Remote attackers can execute arbitrary commands on the server with privileges of the web server process. |
Solution
The CERT/CC is currently unaware of a practical solution to this problem. |
Systems Affected (Learn More)
| Vendor | Status | Date Notified | Date Updated |
|---|---|---|---|
| Ventura Blvd | Affected | - | 25 Sep 2002 |
CVSS Metrics (Learn More)
| Group | Score | Vector |
|---|---|---|
| Base | N/A | N/A |
| Temporal | N/A | N/A |
| Environmental | N/A | N/A |
References
Credit
Thanks to John Scimone for reporting this vulnerability.
This document was written by Shawn Van Ittersum.
Other Information
- CVE IDs: Unknown
- Date Public: 29 Nov 2001
- Date First Published: 27 Sep 2002
- Date Last Updated: 15 Apr 2003
- Severity Metric: 4.28
- Document Revision: 6
Feedback
If you have feedback, comments, or additional information about this vulnerability, please send us email.
View Notes By
Report a Vulnerability
Please use the Vulnerability Reporting Form to report a vulnerability. Alternatively, you can send us email. Be sure to read our vulnerability disclosure policy.