| Field | Value |
| --- | --- |
| VID | 21622 |
| Severity | 40 |
| Port | 80, ... |
| Protocol | TCP |
| Class | CGI |
| Detailed Description | The e107 ePing plugin is vulnerable to remote command execution. e107 is a freely available Web content management system written in PHP, and ePing is a ping utility plugin for e107. ePing plugin versions 1.x prior to 1.02 could allow a remote attacker to execute arbitrary shell commands because the doping.php script does not properly validate user-supplied input. By sending a specially crafted POST request containing shell commands in the eping_cmd, eping_host or eping_count parameter of the doping.php script, a remote attacker could execute arbitrary shell commands on the affected host with the privileges of the Web server. References: http://www.e107faq.org/download.php?view.310 , http://archives.neohapsis.com/archives/bugtraq/2005-06/0059.html , http://secunia.com/advisories/15653/ ; Platforms Affected: e107.org, ePing plugin versions 1.x prior to 1.02; any operating system, any version |
| Recommendation | Upgrade to the latest version of the ePing plugin (1.02 or later), available from the e107 Web page at http://www.e107.org |
| Related URL | CVE-2005-2559 (CVE) |
| Related URL | 13929 (SecurityFocus) |
| Related URL | 20972 (ISS) |