Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Ray Chan WWW Authorization Gateway 0.1 - Command Execution

Related Vulnerabilities: CVE-1999-1436  
Publish Date: 08 Jul 1998
Author: Albert Nubdy
Source / Download Exploit 
                							

                source: http://www.securityfocus.com/bid/152/info

A vulnerability exists in the WWW Authorization Gateway program written by Ray Chan. Version 1.0 fails to eliminate characters with special meaning to the shell prior to executing a command. As a result, an attacker can utilize certain characters to execute arbitrary commands on a system remotely, as whatever user invoked the cgi-bin.

Place the following as a username: 
| some command 
and any password. The command will be executed.

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started