Vulnerabilities > CVE-1999-0266 - Unspecified vulnerability in Roar Smith Info2Www

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

roar-smith

nessus

exploit available

NVD

Published: 1998-03-01

Updated: 2008-09-09

Summary

The info2www CGI script allows remote file access or remote command execution.

Vulnerable Configurations

Part	Description	Count
Application	Roar_Smith Roar Smith Info2Www *	1

Exploit-Db

description	Info2www 1.0/1.1 CGI Input Handling Vulnerability. CVE-1999-0266 . Remote exploit for cgi platform
id	EDB-ID:20430
last seen	2016-02-02
modified	1998-03-03
published	1998-03-03
reporter	Niall Smart
source	https://www.exploit-db.com/download/20430/
title	Info2www 1.0/1.1 CGI Input Handling Vulnerability

Nessus

NASL family	CGI abuses
NASL id	INFO2WWW.NASL
description	The
last seen	2020-06-01
modified	2020-06-02
plugin id	10127
published	1999-06-22
reporter	This script is Copyright (C) 1999-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/10127
title	Multiple Vendor info2www CGI Arbitrary Command Execution
code	# # (C) Tenable Network Security, Inc. # include("compat.inc"); if(description) { script_id(10127); script_version ("1.34"); script_cve_id("CVE-1999-0266"); script_bugtraq_id(1995); script_name(english:"Multiple Vendor info2www CGI Arbitrary Command Execution"); script_summary(english:"Checks for the presence of /cgi-bin/info2www"); script_set_attribute(attribute:"synopsis", value: "The remote web server is running a CGI that is affected by a remote command execution vulnerability." ); script_set_attribute(attribute:"description", value: "The 'info2www' CGI is installed. This CGI has a well known security flaw that lets an attacker execute arbitrary commands with the privileges of the http daemon (usually root or nobody)." ); script_set_attribute(attribute:"see_also", value:"https://seclists.org/bugtraq/1998/Mar/15" ); script_set_attribute(attribute:"solution", value: "There is no known solution at this time." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:F/RL:W/RC:ND"); script_set_attribute(attribute:"plugin_publication_date", value: "1999/06/22"); script_set_attribute(attribute:"vuln_publication_date", value: "1998/03/03"); script_cvs_date("Date: 2018/11/15 20:50:17"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 1999-2018 Tenable Network Security, Inc."); script_family(english:"CGI abuses"); script_dependencie("http_version.nasl", "find_service1.nasl", "no404.nasl"); script_require_ports("Services/www", 80); script_exclude_keys("Settings/disable_cgi_scanning"); exit(0); } # # The script code starts here # include("global_settings.inc"); include("misc_func.inc"); include("http.inc"); port = get_http_port(default:80); foreach dir (cgi_dirs()) { res = http_send_recv3(method:"GET", item:string(dir, "/info2www"), port:port); if (isnull(res)) exit(1, "The web server on port "+port+" failed to respond."); if(egrep(pattern:".generated by info2www 1\.[01][^0-9].", string:res[2])){ security_hole(port); exit(0); } }

Seebug

bulletinFamily	exploit
description	BugCVE: CVE-1999-0266 BUGTRAQ: 1995 “info2www”是一个将GNU Info文本转化成HTML文件的CGI程序。某些早期版本的info2www脚本实现上存在输入验证漏洞，远程攻击者可以利用此漏洞以Web进程的权限在主机上执行任意系统命令。问题在于程序脚本没有过滤用户输入中包含的一些shell元字符，远程攻击者可能以Web守护程序的权限（root或nobody）在主机上执行任意程序。 1.0-1.1 临时解决方法：如果您不能立刻安装补丁或者升级，NSFOCUS建议您采取以下措施以降低威胁： * 如果不需要使用info2www脚本，去除此脚本的执行权限或删除之。厂商补丁： Roar Smith ---------- 程序作者已经在最新版的软件中修补了此安全漏洞，请到作者的主页下载： <a href=http://www.gnu.org/directory/gnats.html target=_blank>http://www.gnu.org/directory/gnats.html</a>
id	SSV:4291
last seen	2017-11-19
modified	2008-10-25
published	2008-10-25
reporter	Root
source	https://www.seebug.org/vuldb/ssvid-4291
title	RoarSmithinfo2www远程执行任意命令漏洞

References

http://www.securityfocus.com/bid/1995