Vulnerabilities > CVE-2001-0849 - Unspecified vulnerability in Duncan Hall Viralator 0.7/0.8/0.9Pre1

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
duncan-hall
nessus
NVD
Published: 2001-12-06
Updated: 2024-11-20

Summary

viralator CGI script in Viralator 0.9pre1 and earlier allows remote attackers to execute arbitrary code via a URL for a file being downloaded, which is insecurely passed to a call to wget.

Vulnerable Configurations

Part Description Count
Application
Duncan_Hall
3

Nessus

NASL familyCGI abuses
NASL idVIRALATOR.NASL
descriptionThe CGI
last seen2020-06-01
modified2020-06-02
plugin id11107
published2002-08-22
reporterThis script is Copyright (C) 2002-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/11107
titleViralator CGI Script Arbitrary Command Execution
code
#
# (C) Tenable Network Security, Inc.
#

# References:
# http://marc.info/?l=bugtraq&m=100463639800515&w=2

include("compat.inc");

if (description)
{
 script_id(11107);
 script_version("1.21");
 script_cvs_date("Date: 2018/08/06 14:03:14");

 script_cve_id("CVE-2001-0849");
 script_bugtraq_id(3495);

 script_name(english:"Viralator CGI Script Arbitrary Command Execution");
 script_summary(english:"Checks for the presence of /cgi-bin/viralator.cgi");

 script_set_attribute(attribute:"synopsis", value:
"The remote host has an application that may allow arbitrary code
execution on the remote system.");
 script_set_attribute(attribute:"description", value:
"The CGI 'viralator.cgi' is installed. Some versions of this CGI are
don't check properly the user input and allow anyone to execute
arbitrary commands with the privileges of the web server.

** No flaw was tested. Your script might be a safe version.");
 script_set_attribute(attribute:"solution", value:"Upgrade this script to version 0.9pre2 or later");
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
 script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"No exploit is required");
 script_set_attribute(attribute:"exploit_available", value:"false");

 script_set_attribute(attribute:"vuln_publication_date", value:"2001/11/01");
 script_set_attribute(attribute:"plugin_publication_date", value:"2002/08/22");

 script_set_attribute(attribute:"potential_vulnerability", value:"true");
 script_set_attribute(attribute:"plugin_type", value:"remote");
 script_end_attributes();

 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is Copyright (C) 2002-2018 Tenable Network Security, Inc.");
 script_family(english:"CGI abuses");

 script_dependencie("http_version.nasl", "find_service1.nasl", "no404.nasl");
 script_require_keys("Settings/ParanoidReport");
 script_require_ports("Services/www", 80);

 exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("http.inc");

if (report_paranoia < 2) audit(AUDIT_PARANOID);

port = get_http_port(default:80);

if (is_cgi_installed3(port: port, item:"/viralator.cgi"))
  security_hole(port);

References