IRC Xchat client命令执行漏洞

IRC Xchat client命令执行漏洞

漏洞ID 1105966 漏洞类型 未知
发布时间 2000-08-17 更新时间 2005-05-16
图片[1]-IRC Xchat client命令执行漏洞-安全小百科CVE编号 CVE-2000-0787
图片[2]-IRC Xchat client命令执行漏洞-安全小百科CNNVD-ID CNNVD-200010-031
漏洞平台 Linux CVSS评分 7.5
|漏洞来源
https://www.exploit-db.com/exploits/20161
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200010-031
|漏洞详情
IRCXchatclient1.4.2及其之前的版本存在漏洞。远程攻击者可以通过创建web浏览器的XChatURLshell元字符编码执行任意命令。
|漏洞EXP
source: http://www.securityfocus.com/bid/1601/info

A vulnerability exists in versions 1.4.2 and earlier of the X-Chat IRC client. By supplying commands enclosed in backticks (``) in URL's sent to X-Chat, it is possible to execute arbitrary commands should the X-Chat user decide to view the link by clicking on it. This is due to the manner in which X-Chat launches pages for viewing.

X-Chat launches Netscape without checking for shell metacharacters in the supplied URL. This allows for an attacker to exploit shell expansion capabilities to execute commands as the user running Netscape.

http://www.altavista.com/?x=`date`y='`date`'
|参考资料

来源:BID
名称:1601
链接:http://www.securityfocus.com/bid/1601
来源:BUGTRAQ
名称:20000825ConectivaLinuxSecurityAnnouncement-xchat
链接:http://archives.neohapsis.com/archives/bugtraq/2000-08/0305.html
来源:BUGTRAQ
名称:20000824MDKSA-2000:039-xchatupdate
链接:http://archives.neohapsis.com/archives/bugtraq/2000-08/0301.html
来源:BUGTRAQ
名称:20000817XChatURLhandlervulnerabilty
链接:http://archives.neohapsis.com/archives/bugtraq/2000-08/0215.html
来源:REDHAT
名称:RHSA-2000:055
链接:http://www.redhat.com/support/errata/RHSA-2000-055.html

相关推荐: CiscoWorks Common Management Foundation (CMF)提升特权漏洞

CiscoWorks Common Management Foundation (CMF)提升特权漏洞 漏洞ID 1202401 漏洞类型 未知 发布时间 2003-10-20 更新时间 2003-10-20 CVE编号 CVE-2003-0732 CNNVD…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享