WebGlimpse query Parameter Command Injection

high Nessus Plugin ID 58412

Language:

Synopsis

The remote web server hosts a CGI script that contains a command injection vulnerability.

Description

The version of WebGlimpse installed on the remote host does not sufficiently sanitize user input to the 'query' parameter of the 'webglimpse.cgi' script before using it to construct and then run a command.

An unauthenticated, remote attacker can leverage this issue to execute arbitrary code on the affected host, subject to the privileges under which the web server runs.

Note that this vulnerability is being actively exploited in the wild as of March 2012.

Solution

Upgrade to WebGlimpse 2.20.0 or later.

Plugin Details

Severity: High

ID: 58412

File Name: webglimpse_query_cmd_exec.nasl

Version: 1.12

Type: remote

Family: CGI abuses

Published: 3/21/2012

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:webglimpse:webglimpse

Required KB Items: www/webglimpse

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No exploit is required

Patch Publication Date: 2/14/2012

Vulnerability Publication Date: 3/20/2012

Exploitable With

Elliot (WebGlimpse 2.18.8 RCE)

Reference Information

CVE: CVE-2012-1795

BID: 52627

CERT: 364363

Detections

Analytics