Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Avenger's News System Remote Command Execution Vulnerability

Avenger's News System Remote Command Execution Vulnerability

by Nikola Strahija on February 23rd, 2002 Avenger's News System (ANS) is a simple form-based web site management tool written in Perl. It will run on most Unix and Linux variants.


ANS does not filter shell metacharacters from web requests, making it prone to remote command execution attacks. As a result, a remote attacker may execute commands on the underlying shell of the host running the vulnerable software. Commands will be executed with the privileges of the webserver process.

Successful exploitation of this vulnerability may allow a remote attacker to gain local access to the host running the vulnerable software.

Remote: Yes

Exploit: This issue may be exploited with a web browser.

Solution: The following workaround has been suggested:

(replace the offending code with):

if (substr($QUERY, 0, 2) eq "p="){
$QUERY =~ s/([&;`'|"*?~^()[]{}$nr])/$1/g; #filter meta
characters
$QUERY =~ s/..//g; #filter double dot (..)
$plugin = substr((split /&/, $QUERY)[0], 2);
if (index("$QUERY", "&") ;
close (PLUGIN);

eval("@plugin");
exit;
}


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »