[2113] in WWW Security List Archive
CGI Security Problem (fwd)
daemon@ATHENA.MIT.EDU (Lincoln Stein)
Sat May 18 10:24:31 1996
From: lstein@genome.wi.mit.edu (Lincoln Stein)
To: www-security@ns2.rutgers.edu
Date: Sat, 18 May 1996 08:15:44 -0500 (EDT)
Errors-To: owner-www-security@ns2.rutgers.edu
I just got this note from a reader of the WWW Security FAQ. I haven't
confirmed the problems with CGITap yet, but you might want to watch
out for this script.
Lincoln
Forwarded message:
> From daemon Sat May 18 03:26:30 1996
> Message-Id: <m0uKgOx-0010btC@vista.hevanet.com>
> Comments: Authenticated sender is <maurice@mail.hevanet.com>
> From: "Maurice L. Marvin" <maurice@hevanet.com>
> To: lstein@genome.wi.mit.edu
> Date: Sat, 18 May 1996 00:14:08 -0700
> Subject: CGI Security Problem
> Reply-To: maurice@hevanet.com
> Priority: normal
> X-Mailer: Pegasus Mail for Windows (v2.23)
>
> Hello Lincoln. There is a CGI script
> named CGITap (http://scendtek.com/cgitap/), which
> I believe has a serious security problem.
>
> I have notified the author, but have not
> received a reply yet. I am notifying you because
> of the potentially widespread distribution of this
> program (it is referenced in the May edition of
> WebSmith, page 45).
>
> The program does not remove or escape
> metacharacters from the user-supplied data prior to
> being passed to the shell, and as such, I've been able
> to execute several arbitrary commands.
>
> Best Regards,
>
> Maurice L. Marvin <maurice@hevanet.com>
>
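
The flaw class reported above, as an added example: this is not part of the original message and is not CGITap's code, which the message does not show. It passes a constructed form field to a shell unescaped, then shows three handlings that keep metacharacters inert. The function names, the `host` field and the `echo` stand-in command are assumptions.

```python
import re
import shlex
import subprocess
from urllib.parse import parse_qs

# Constructed CGI query string: the field value contains ";" followed by a
# harmless marker command, standing in for any shell metacharacter.
QUERY_STRING = "host=example.test%3B+echo+INJECTED"

# Allowlist for this hypothetical field: hostname characters only.
SAFE_HOST = re.compile(r"[A-Za-z0-9.-]{1,253}")


def field(query, name):
    """Decode one form field the way a CGI script would."""
    return parse_qs(query, keep_blank_values=True).get(name, [""])[0]


def run(cmd, shell=False):
    return subprocess.run(cmd, shell=shell, capture_output=True, text=True).stdout


def unsafe_lookup(query):
    """Reported pattern: raw field concatenated into a shell command line."""
    return run("echo lookup " + field(query, "host"), shell=True)


def argv_lookup(query):
    """No shell involved: the field is one argv element, never parsed."""
    return run(["echo", "lookup", field(query, "host")])


def quoted_lookup(query):
    """Shell unavoidable: escape the field so the shell sees one word."""
    return run("echo lookup " + shlex.quote(field(query, "host")), shell=True)


def validated_lookup(query):
    """Preferred: reject anything outside the allowlist, then skip the shell."""
    if not SAFE_HOST.fullmatch(field(query, "host")):
        raise ValueError("host field contains disallowed characters")
    return argv_lookup(query)


if __name__ == "__main__":
    print(repr(unsafe_lookup(QUERY_STRING)))   # two commands ran
    print(repr(argv_lookup(QUERY_STRING)))     # one command, literal text
```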