| VID | 21328 |
| Severity | 30 |
| Port | 80, ... |
| Protocol | TCP |
| Class | CGI |
| Detailed Description |
The RiSearch software contains an open proxy vulnerability. The RiSearch (and RiSearch Pro) suite is a set of Perl scripts that provides Web site search on Microsoft Windows, Unix and Linux platforms. RiSearch version 1.0.1 and earlier and RiSearch Pro version 3.2.6 could allow a remote attacker to use RiSearch as an open proxy server by sending a request such as:
http://[target.com]/cgi-bin/search/show.pl?url=http://www.google.com
This flaw is due to insufficient sanitization of user-supplied URI parameters passed to the show.pl script. A remote attacker can exploit this flaw to use the target host as a proxy, and thereby access Web servers on the Internet anonymously, which is very useful for analysing or attacking other servers over Web protocols.
* References:
  * http://www.securityfocus.com/archive/1/370103
  * http://www.irmplc.com/advisories.htm
  * http://packetstormsecurity.nl/0407-exploits/IRM-009.txt
* Platforms Affected:
  * S.Tarasov, RiSearch 1.0.1 and earlier
  * S.Tarasov, RiSearch Pro 3.2.6
  * Microsoft Windows Any version
  * Unix Any version
  * Linux Any version
| Recommendation | Upgrade to the latest version of the RiSearch package (updated on July 8th 2004 or later), available from the RiSearch download site at http://rth.dk/resources/risearch/ |
| Related URL | CVE-2004-2061 (CVE) |
| Related URL | 10812 (SecurityFocus) |
| Related URL | 16817 (ISS) |
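To check whether an installation has been used this way, the Web server access log can be searched for show.pl requests whose url parameter names a host other than the site's own. The following is an added example, not part of the original entry or of RiSearch; the OWN_HOSTS set, the log format (Common/Combined Log Format) and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qs

# Assumption: hostnames the search index legitimately serves pages from.
OWN_HOSTS = {"www.example.org", "example.org"}

# Common Log Format prefix: client, identd, user, [time], "METHOD target PROTO"
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]*\] "(?:GET|POST|HEAD) (\S+) [^"]*"')

def external_target(request_target, own_hosts=OWN_HOSTS):
    """Return the foreign host a show.pl request asks the server to fetch, else None."""
    parts = urlsplit(request_target)
    if not parts.path.lower().endswith("/show.pl"):
        return None
    # parse_qs percent-decodes, so url=http%3A%2F%2F... is handled as well.
    for value in parse_qs(parts.query).get("url", []):
        try:
            host = urlsplit(value.strip()).hostname
        except ValueError:          # malformed authority, e.g. broken IPv6 literal
            continue
        if host and host.lower() not in own_hosts:
            return host.lower()
    return None

def scan(lines, own_hosts=OWN_HOSTS):
    """Count flagged requests per (client address, foreign host) pair."""
    hits = Counter()
    for line in lines:
        m = LOG_RE.match(line)
        if m:
            host = external_target(m.group(2), own_hosts)
            if host:
                hits[(m.group(1), host)] += 1
    return hits

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE = [
    '203.0.113.5 - - [08/Jul/2004:10:00:01 +0000] "GET /cgi-bin/search/show.pl?url=http://other.example.net/ HTTP/1.0" 200 5120',
    '203.0.113.5 - - [08/Jul/2004:10:00:02 +0000] "GET /cgi-bin/search/show.pl?url=http%3A%2F%2Fother.example.net%2Fadmin HTTP/1.0" 200 734',
    '198.51.100.7 - - [08/Jul/2004:10:01:00 +0000] "GET /cgi-bin/search/show.pl?url=http://www.example.org/docs/a.html HTTP/1.1" 200 2048',
    '198.51.100.7 - - [08/Jul/2004:10:01:05 +0000] "GET /cgi-bin/search/search.pl?query=proxy HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for (client, host), count in scan(SAMPLE).items():
        print(f"{client} relayed {count} request(s) to {host} via show.pl")
```

A client address with many distinct foreign hosts in the result is the pattern to look for; hits that remain after upgrading indicate the old show.pl is still reachable.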