Confixx 2 – Perl Debugger Remote Command Execution

22次阅读
没有评论

Confixx 2 – Perl Debugger Remote Command Execution

漏洞ID 1054404 漏洞类型
发布时间 2004-03-09 更新时间 2004-03-09
Confixx 2 - Perl Debugger Remote Command ExecutionCVE编号 N/A
Confixx 2 - Perl Debugger Remote Command ExecutionCNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/23798
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/9831/info

The Confixx PERL debugging utility functionality has been reported to be prone to a remote command execution vulnerability. The issue is reported to occur when a command sequence is appended to a HTTP request for a PERL script resource, the command sequence must contain a prefixed ';' semi-colon character. When this request is processed, the command sequence will be reportedly executed with the privileges of the process that invokes the Confixx PERL debugging utility.

; /bin/cat location_of_Confixx_config_file
http://www.example.com/user/tools_cgicheck2.php?dir=&file=%20./x%20|/bin/cat%20/etc/passwd

相关推荐: Macromedia Dreamweaver MX PHP User Authentication Suite Cross-Site-Scripting Vulnerability

Macromedia Dreamweaver MX PHP User Authentication Suite Cross-Site-Scripting Vulnerability 漏洞ID 1099741 漏洞类型 Input Validation Erro…

正文完
 0