Subject: DNSTools v1.08 has no input validation
From: Jonathan Leto (jonathan LETO.NET)
Date: Thu Mar 02 2000 - 07:59:15 CST
Hello all.
Dnstools 1.08 ( available at http://www.dnstools.com/dnst_v1.tgz ) has 18 cgi
scripts with various functions, like AddMx, DeleteDomain, that all start off like
this:
-----------------
#!/usr/bin/perl
use CGI;
use DBI;
my $CGI = new CGI;
########################################################
### Get all of the values from the web form
########################################################
my $host_name;
my $domain_name;
$host_name = $CGI->param("host_name");
$domain_name = $CGI->param("domain_name");
$error_description = "";
my $error_code = system("/usr/local/dnstools/delete_mx -d \"$domain_name\" -n \"$host_name\"");
-------------
Not a lick of input validation is done, so executing and poking around the filesystem as the webserver is possible. It doesn't even vainly check the referrer.
This costs $800??
--
jonathanleto.net  http://leto.net  "With pain comes clarity."
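The defect in the quoted prologue is that both CGI parameters are interpolated into a single string handed to system(), which passes it through /bin/sh, so any quote or metacharacter in the request becomes shell syntax. The following is an added example, written for this archive page and not code from DNSTools or from the poster, showing the two fixes a reviewer would ask for: whitelist-validate each parameter before use, and call the helper with the list form of system() so that no shell is involved at all. The helper path /usr/local/dnstools/delete_mx is taken from the quoted snippet; the validation rule (RFC 1123 host labels) and the function names are assumptions of this example, not anything DNSTools ships.

```perl
#!/usr/bin/perl
# Hardened equivalent of the CGI prologue quoted above.
# Added example for this page, not DNSTools code.
#   1. validate_dns_name() accepts only plain DNS names (whitelist, not blacklist)
#   2. the helper is invoked as a list, so argv is passed directly, never via /bin/sh
# Under "perl -T" (taint mode) CGI input is tainted; the regex capture in
# validate_dns_name() is also what untaints it, which is why it returns $1.
use strict;
use warnings;

# Path of the DNSTools helper, as it appears in the quoted script (assumed to exist).
my $DELETE_MX = '/usr/local/dnstools/delete_mx';

# One RFC 1123 host label: letters, digits and hyphens, 1-63 chars,
# no leading or trailing hyphen.
my $LABEL = qr/[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?/;

# Return the validated (and untainted) name, or undef if it is not a DNS name.
sub validate_dns_name {
    my ($value) = @_;
    return unless defined $value;
    return if length($value) > 253;          # maximum length of a full DNS name
    return $1 if $value =~ /\A($LABEL(?:\.$LABEL)*)\z/;
    return;
}

# Build the argv list for delete_mx. Returning a list rather than a string is
# the point: each element reaches the helper as exactly one argument.
sub build_delete_mx_argv {
    my ($domain, $host) = @_;
    my $d = validate_dns_name($domain);
    my $h = validate_dns_name($host);
    die "invalid domain_name\n" unless defined $d;
    die "invalid host_name\n"   unless defined $h;
    return ($DELETE_MX, '-d', $d, '-n', $h);
}

# Demonstration with constructed inputs; no web server or DNSTools install needed.
# A request of the shape DNSTools expects is accepted ...
my @argv = build_delete_mx_argv('example.com', 'mail');
print join(' ', @argv), "\n";

# ... while a value carrying quotes and a command separator is rejected
# before anything is executed (constructed test input).
my $bad = q{example.com" ; echo hi ; "};
eval { build_delete_mx_argv($bad, 'mail') };
print "rejected: $@" if $@;

# In the real CGI the call site would become:
#   my $CGI = CGI->new;
#   my @argv = build_delete_mx_argv($CGI->param('domain_name'),
#                                   $CGI->param('host_name'));
#   my $error_code = system(@argv);   # list form: no shell, no quoting problems
```

Note that the list form of system() alone already removes the shell from the picture; the whitelist is still worth keeping because it stops values such as option-looking strings (a host_name of "-x") and oversized names from reaching the helper, and because it is what untaints the input when the script runs with -T.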