Detections
Analytics
CGI Generic Command Execution (time-based, intrusive)
high Nessus Plugin ID 51528
Language:
Synopsis
It may be possible to run arbitrary code on the remote web server.Description
The remote web server hosts CGI scripts that seem to fail to adequately sanitize request strings. By leveraging this issue, an attacker may be able to execute arbitrary commands on the remote host.Note that :
- This script uses a time-based detection method that is less reliable than the basic method.
- The method is intrusive and may lock the web server if the web application is allows Command Injection. If this happens, restart the web server.
Solution
Restrict access to the affected application and contact the vendor for a patch or upgrade.See Also
https://en.wikipedia.org/wiki/Code_injection
http://projects.webappsec.org/w/page/13246950/OS%20Commanding
Plugin Details
Severity: High
ID: 51528
File Name: torture_cgi_command_exec3.nasl
Version: 1.13
Type: remote
Family: CGI abuses
Published: 1/14/2011
Updated: 1/19/2021
Supported Sensors: Nessus
Vulnerability Information
Required KB Items: Settings/enable_web_app_tests