J-Security Center

Title: Sun Sunsolve CD SSCD_SunCourier.pl CGI Script Arbitrary Command Execution Vulnerability

Severity: HIGH

Description:

The Sunsolve CD is part of the Solaris Media pack. It is included as a documentation resource, and is available for the Solaris Operating Environment.

A problem with the sscd_suncourier.pl script included with the package could make it possible for a remote user to execute arbitrary commands on a vulnerable system.

The Sunsolve CD is not installed as part of the default installation of the operating system. It is instead an add-on CD that includes documentation and a web browser that runs with lowered permissions when the program is run.

A CGI script included with the CD does not adequately sanitize input. Due to a design failure, the script does not remove special characters such as the pipe (|) character, so a user who submits a malicious email address to the script could execute arbitrary commands with the permissions of the executing program.
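One way to close this class of bug, shown as an added example that is not Sun's script or code from this advisory: allowlist-validate the submitted address and start the mailer without a shell. The mailer path `/usr/lib/sendmail`, its `-t` and `-oi` options, and the function names are assumptions.

```perl
#!/usr/bin/perl
# Added example: hardened handling of a user-supplied email address in a CGI.
use strict;
use warnings;

my $MAILER = '/usr/lib/sendmail';    # assumed mailer path

# Allowlist check: only a conservative address shape passes. Pipes, other
# shell metacharacters, whitespace and newlines all fail, and \z (not $)
# refuses a trailing newline.
sub valid_address {
    my ($addr) = @_;
    return 0 unless defined $addr && length($addr) <= 254;
    my $label = qr/[A-Za-z0-9](?:[A-Za-z0-9-]*[A-Za-z0-9])?/;
    return $addr =~ /\A[A-Za-z0-9][A-Za-z0-9._+-]*\@${label}(?:\.${label})+\z/
        ? 1 : 0;
}

# Send a message without involving a shell. The list form of open() passes
# the program and its arguments straight to exec, and the recipient travels
# in the message headers (-t) rather than on the command line.
sub send_notice {
    my ($addr, $body) = @_;
    die "rejected address\n" unless valid_address($addr);
    open(my $mail, '|-', $MAILER, '-t', '-oi')
        or die "cannot start mailer: $!\n";
    print {$mail} "To: $addr\nSubject: SunSolve CD request\n\n$body\n";
    close($mail) or die "mailer exited abnormally: $?\n";
    return 1;
}

# Constructed sample inputs; only the validator runs here, so the demo
# works on a host with no mailer installed.
for my $input ('user@example.com',
               'user@example.com|placeholder-command',
               'user @example.com',
               "user\@example.com\nCc: other\@example.com") {
    (my $shown = $input) =~ s/\n/\\n/g;
    printf "%-45s %s\n", $shown, valid_address($input) ? 'accept' : 'reject';
}
```

Validation and shell-free invocation are independent layers: either one alone stops a pipe character in the address from reaching a command interpreter, and using both covers a mistake in the other.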

Affected Products:

  • Sun Solaris 7.0
  • Sun Solaris 7.0_x86
  • Sun Solaris 8
  • Sun Solaris 8_x86
