Vulnerability Note VU#496064
ibrow NewsDesk does not securely handle input passed to open()
A vulnerability in ibrow NewsDesk allows an attacker to view files and execute operating system commands with the privileges of the web server.
ibrow NewsDesk is a Perl CGI script that is designed to create and display news articles on a web site. The code for NewsDesk is implemented in the file newsdesk.cgi. This code accepts input from a URL and uses this data in an argument to the Perl open() command. Since NewsDesk does not adequately filter URL input, it is possible to construct a URL containing shell meta-characters such as "../" and "|" (pipe), and these characters will be processed with the privileges of the web server.
By submitting a specially crafted URL, an attacker can execute operating system commands and traverse the file system and read files with the permission of the web server.
The CERT/CC is currently unaware of a practical solution to this problem.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|ibrow||Affected||27 Mar 2002||02 Apr 2002|
CVSS Metrics (Learn More)
The CERT Coordination Center acknowledges <firstname.lastname@example.org> as the reporter of this vulnerability.
This document was written by Art Manion.
- CVE IDs: CAN-2001-0231
- Date Public: 04 Jan 2001
- Date First Published: 02 Apr 2002
- Date Last Updated: 08 Apr 2002
- Severity Metric: 2.97
- Document Revision: 22
If you have feedback, comments, or additional information about this vulnerability, please send us email.