| VID |
21095 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The 'w3-msql' CGI script developped by Hughes Technology is a cgi-program shipped with Mini-SQL which acts as a web interface for msql.
There are a number of buffer overflow vulnerabilities in it with one proven to be exploitable. The exploitable buffer is the content-length field and the stack is overflowed inside of a scanf() call. As a result, it is possible to execute arbitrary code remotely as the uid of the webserver (usually nobody).
* References:
http://www.tryc.on.ca/archives/bugtraq/1999_3/1074.html
http://www.securityfocus.com/bid/898 |
| Recommendation |
Contact the vendor of mini-sql (http://hugues.com.au) and ask for a patch. Meanwhile, remove w3-msql from /cgi-bin |
| Related URL |
CVE-2000-0012 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
