HTTP: Apache for Win32 Batch-Pipe
This signature detects attempts to exploit a known vulnerability in the test-cgi.bat script included with Apache for Win32, 2.0.x. Attackers can use the pipe character (|) as a .bat or .cmd argument to execute arbitrary commands on the server.
Extended Description
When a web request is made for a batch file, the batch file handler may not filter special characters (such as |). As a result, a remote attacker may be able to execute arbitrary commands on the host running the vulnerable software. Note that web servers on Windows operating systems normally run with SYSTEM privileges. The 2.0.x series of Apache for Microsoft Windows ships with a test batch file that may be exploited to execute arbitrary commands. Because the issue is in the batch file handler, any batch file that is accessible via the web can be used for exploitation.
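A log-review check for the request pattern described above, as an added example that is not part of the original signature text or the vendor's detection logic: it flags access-log entries where a .bat or .cmd resource is requested with a pipe character in its arguments, including percent-encoded forms. The Common Log Format input, the sample entries and all function names are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote

# Path names a .bat or .cmd resource (optionally followed by extra path info).
BATCH_PATH = re.compile(r"\.(?:bat|cmd)(?:/|$)", re.IGNORECASE)
# Request line inside a Common Log Format entry: "METHOD target HTTP/x.y"
REQUEST = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')


def fully_unquote(value, max_rounds=3):
    """Percent-decode repeatedly; conservative, so %257C is also surfaced."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def is_batch_pipe_request(target):
    """True when a .bat/.cmd resource is requested with '|' in its arguments."""
    path, _, query = target.partition("?")
    if not BATCH_PATH.search(fully_unquote(path)):
        return False
    return "|" in fully_unquote(query)


def scan(lines):
    """Return (line_number, target) for every matching access-log line."""
    hits = []
    for number, line in enumerate(lines, start=1):
        match = REQUEST.search(line)
        if match and is_batch_pipe_request(match.group("target")):
            hits.append((number, match.group("target")))
    return hits


# Constructed sample entries; addresses come from documentation ranges.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /index.html HTTP/1.1" 200 512',
    '192.0.2.11 - - [01/Jan/2024:10:00:01 +0000] "GET /cgi-bin/test-cgi.bat?|PLACEHOLDER HTTP/1.0" 200 97',
    '192.0.2.11 - - [01/Jan/2024:10:00:02 +0000] "GET /cgi-bin/report.cmd?arg=1%7CPLACEHOLDER HTTP/1.0" 200 97',
    '192.0.2.12 - - [01/Jan/2024:10:00:03 +0000] "GET /cgi-bin/test-cgi.bat?x=%257CPLACEHOLDER HTTP/1.1" 200 97',
    '192.0.2.13 - - [01/Jan/2024:10:00:04 +0000] "GET /cgi-bin/test-cgi.bat?name=value HTTP/1.1" 200 97',
    '192.0.2.14 - - [01/Jan/2024:10:00:05 +0000] "GET /search?q=a|b HTTP/1.1" 200 300',
]

if __name__ == "__main__":
    print(scan(SAMPLE_LOG))
```

Only entries 2 through 4 of the constructed log are flagged; a pipe in the arguments of a non-batch resource, or a batch request without a pipe, is not.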
Affected Products
Apache_software_foundation apache
References
BugTraq: 4335
CVE: CVE-2002-0061
URL: http://www.securityfocus.com/archive/1/263370
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0061
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Apache_software_foundation
7.5