[ Date Prev ][ Date Next ][ Thread Prev ][ Thread Next ][ Date Index ][ Thread Index ]
PROPOSAL: Cluster 10 - CGI (31 candidates)

To : cve-review@linus.mitre.org
Subject : PROPOSAL: Cluster 10 - CGI (31 candidates)
From : "Steven M. Christey" < coley@linus.mitre.org >
Date : Wed, 23 Jun 1999 17:45:55 -0400 (EDT)

This Low controversy cluster contains 31 candidates, all having to do
with vulnerabilities in CGI programs.

- Steve



Summary of votes to use (in ascending order of "severity"):

ACCEPT - member accepts the candidate as proposed
NOOP - member has no opinion on the candidate
MODIFY - member wants to change some minor detail (e.g. reference/description)
REVIEWING - member is reviewing/researching the candidate
RECAST - candidate must be significantly modified, e.g. split or merged
REJECT - candidate is "not a vulnerability", or a duplicate, etc.

Please write your vote on the line that starts with "VOTE: ".  If you
want to add comments or details, add them to lines after the VOTE: line.


=================================
Candidate: CAN-1999-0066
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: XF:http-cgi-anyform

AnyForm CGI remote execution

VOTE:

=================================
Candidate: CAN-1999-0070
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: XF:http-cgi-test

test-cgi program allows an attacker to list files on the server

VOTE:

=================================
Candidate: CAN-1999-0146
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: XF:http-cgi-campas

The campas CGI program provided with some NCSA web servers allows an
attacker to read arbitrary files.

VOTE:

=================================
Candidate: CAN-1999-0147
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: XF:http-cgi-glimpse

The aglimpse CGI program of the Glimpse package allows remote
execution of arbitrary commands

VOTE:

=================================
Candidate: CAN-1999-0148
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: XF:http-sgi-handler

The handler CGI program in IRIX allows arbitrary command execution.

VOTE:

=================================
Candidate: CAN-1999-0149
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: XF:http-sgi-wrap

The wrap CGI program in IRIX allows arbitrary command execution from
remote users.

VOTE:

=================================
Candidate: CAN-1999-0172
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: XF:http-cgi-formmail-exe

FormMail CGI program allows remote execution of commands.

VOTE:

=================================
Candidate: CAN-1999-0173
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: XF:http-cgi-formmail-use

FormMail CGI program can be used by web servers other than the
host server that the program resides on.

VOTE:

=================================
Candidate: CAN-1999-0174
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990623
Assigned: 19990607
Category: SF

The view-source CGI program allows remote attackers to read any file on
the system that is internally accessible by the web server.

VOTE:

=================================
Candidate: CAN-1999-0176
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: XF:http-webgais-query

The Webgais program allows a remote user to execute arbitrary
commands.

VOTE:

=================================
Candidate: CAN-1999-0177
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: XF:http-website-uploader

The uploader program in the WebSite web server allows a remote
attacker to execute arbitrary programs.

VOTE:

=================================
Candidate: CAN-1999-0178
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: XF:http-website-winsample

The win-c-sample program in the WebSite web server has a buffer
overflow that allows remote execution of commands.

VOTE:

=================================
Candidate: CAN-1999-0191
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990623
Assigned: 19990607
Category: SF

IIS newdsn.exe CGI script allows remote users to overwrite files.

VOTE:

=================================
Candidate: CAN-1999-0196
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: XF:http-webgais-smail

The websendmail program in the Webgais program allows a remote user to
access arbitrary files.

VOTE:

=================================
Candidate: CAN-1999-0233
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: XF:http-iis-cmd

IIS and WebSite allow users to execute arbitrary commands using
.bat or .cmd files.

VOTE:

=================================
Candidate: CAN-1999-0236
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: XF:http-scriptalias

ScriptAlias directory in NCSA and Apache httpd allowed attackers to
read CGI programs.

VOTE:

=================================
Candidate: CAN-1999-0237
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: XF:http-cgi-guestbook

Remote execution of arbitrary commands through Guestbook CGI program.

VOTE:

=================================
Candidate: CAN-1999-0238
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: XF:http-cgi-phpfileread

php.cgi allows attackers to read any file on the system.

VOTE:

=================================
Candidate: CAN-1999-0253
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: XF:http-iis-2e

IIS 3.0 allows remote intruders to read source code for ASP programs
by using a "2e" instead of a "." in the URL.

VOTE:

=================================
Candidate: CAN-1999-0262
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990623
Assigned: 19990607
Category: SF

faxsurvey CGI script on Linux allows remote command execution via
shell metacharacters.

VOTE:

=================================
Candidate: CAN-1999-0264
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990623
Assigned: 19990607
Category: SF

htmlscript CGI program allows remote read access to files.

VOTE:

=================================
Candidate: CAN-1999-0268
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990623
Assigned: 19990607
Category: SF

MetaInfo MetaWeb web server allows users to upload and execute scripts.

VOTE:

=================================
Candidate: CAN-1999-0269
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990623
Assigned: 19990607
Category: SF

Netscape Enterprise servers may list files through the PageServices query.

VOTE:

=================================
Candidate: CAN-1999-0270
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990623
Assigned: 19990607
Category: SF

pfdispaly CGI program for SGI's Performer API Search Tool allows read
access to files.

VOTE:

=================================
Candidate: CAN-1999-0271
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990623
Assigned: 19990607
Category: SF

Progressive Networks Real Video server (pnserver) can be crashed remotely.

VOTE:

=================================
Candidate: CAN-1999-0278
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990623
Assigned: 19990607
Category: SF

In IIS, remote attackers can obtain source code for ASP files by appending
"::$DATA" to the URL.

VOTE:

=================================
Candidate: CAN-1999-0279
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: CERT:VB-98.01.excite

Excite for Web Servers (EWS) allows remote command execution via
shell metacharacters.

VOTE:

=================================
Candidate: CAN-1999-0283
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990623
Assigned: 19990607
Category: SF

The Java Web Server would allow remote users to obtain the source
code for CGI programs.

VOTE:

=================================
Candidate: CAN-1999-0347
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: BUGTRAQ:Jan26,1999
Reference: NTBUGTRAQ:Jan28,1999

Javascript bug in Internet Explorer 4.01 by adding %01URL allows
reading local files and spoofing of web pages from other sites.

VOTE:

=================================
Candidate: CAN-1999-0348
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: NTBUGTRAQ:Jan27,1999

IIS ASP caching problem releases sensitive information when two
virtual servers share the same physical directory.

VOTE:

=================================
Candidate: CAN-1999-0360
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: BUGTRAQ:Jan29,1999
Reference: NTBUGTRAQ:Jan29,1999

MS Site Server 2.0 with IIS 4 can allow users to upload content,
including ASP, to the target web site, thus allowing them to
execute commands remotely.

VOTE:
Prev by Date: PROPOSAL: Cluster 09 - MULT (34 candidates)
Next by Date: PROPOSAL: Cluster 11 - BUF (32 candidates)
Prev by thread: PROPOSAL: Cluster 09 - MULT (34 candidates)
Next by thread: PROPOSAL: Cluster 11 - BUF (32 candidates)
Index(es):
- Date
- Thread