J-Security Center

Title: Michael Barretto CardBoard Remote Command Execution Vulnerability

Severity: HIGH

Description:

CardBoard is an application used to send out e-greeting cards, and is maintained by Michael Barretto.

Due to the improper filtering of certain types of user-supplied input, it is possible for a user to submit a greeting card which causes arbitrary commands to be executed on the host with privileges of the server.

This is achievable by placing shell metacharacters in the recipient field and then sending the greeting card. CardBoard insufficiently sanitizes this untrusted input: characters such as ';' or '|' are passed through to the shell that builds the mail-sending command, allowing arbitrary commands to be executed on the host with the privileges of the webserver process.

Successful exploitation of this vulnerability could lead to a complete compromise of the host.
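The weak pattern described above beside a hardened handler, as an added example that is not CardBoard's own code. The sendmail path, the function names and the single-recipient form layout are assumptions.

```python
"""Added example (not CardBoard's code): the recipient field spliced into a
shell command string, beside a handler that validates the field and never
involves a shell.  SENDMAIL path and function names are assumptions."""
import re
import subprocess

SENDMAIL = "/usr/sbin/sendmail"  # assumed path, not taken from the advisory

# Allow-list for one plain address.  Everything outside this character set
# (';', '|', '`', '$', quotes, newlines, ...) fails to match and is rejected.
RECIPIENT_RE = re.compile(r"^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$")


def weak_command(recipient: str) -> str:
    """The vulnerable pattern: untrusted text becomes part of a shell command
    line, so metacharacters in `recipient` change what the shell runs.
    Returned as a string for contrast only; it is never executed here."""
    return f"{SENDMAIL} -t {recipient}"


def is_safe_recipient(recipient: str) -> bool:
    """True only for a well-formed address.  A leading '-' is also refused so
    the value cannot be read by sendmail as an option instead of an address."""
    if not RECIPIENT_RE.fullmatch(recipient):
        return False
    return not recipient.startswith("-")


def build_sendmail_argv(recipient: str) -> list[str]:
    """Hardened form: validate first, then hand the address to sendmail as a
    discrete argv element.  No shell parses the string, so shell
    metacharacters have no meaning even if validation were ever loosened."""
    if not is_safe_recipient(recipient):
        raise ValueError("rejected recipient field")
    return [SENDMAIL, "-oi", recipient]  # -oi: do not treat a lone '.' as EOF


def send_card(recipient: str, message: str) -> int:
    """Deliver the card body on sendmail's stdin without a shell (shell=False
    is subprocess.run's default when argv is a list).  Returns the exit code."""
    argv = build_sendmail_argv(recipient)
    proc = subprocess.run(argv, input=message.encode(), check=False)
    return proc.returncode


if __name__ == "__main__":
    # Constructed inputs: one clean address, one carrying a metacharacter.
    for field in ("alice@example.com", "alice@example.com; id"):
        print(repr(field), "accepted" if is_safe_recipient(field) else "rejected")
```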

* Reproduction of this issue has not been successful.

Affected Products:

  • Michael Barretto CardBoard 2.4.0

References:
