Title: WebGlimpse Character Filtering Arbitrary Command Execution Vulnerability
Severity: HIGH
Description:
WebGlimpse is a web search and index software package. It is maintained by public domain, and licensed by the University of Arizona.
A problem with the software package could make it possible for remote users to perform unauthorized activities. The problem is in the filtering of special characters.
WebGlimpse does not properly sanitize input. By not doing so, it is possible for a remote user to pass arbitrary commands through the web interface to the underlying system. This problem can be exploited through encapsulating arbitrary commands with backquotes (`).
This makes it possible for a remote user to execute commands on a local system with the privileges of the http server process. This could lead to an information gathering attack, and potentially a remote user gaining access to the system as an unprivileged user.
Affected Products:
- WebGlimpse.org WebGlimpse 1.0.0
- WebGlimpse.org WebGlimpse 1.5.0
- WebGlimpse.org WebGlimpse 1.7.12
- WebGlimpse.org WebGlimpse 2.0.0
- WebGlimpse.org WebGlimpse 2.2.0.0
References:
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
