HTTP: CDomainFree Remote Execution

This signature detects attempts to exploit a vulnerability in whois_raw.cgi, a part of CdomainFree. Attackers can remotely run executables existing on the Web server.

Extended Description

A vulnerability in a CGI program part of CdomainFree allows remote malicious users to run any executable already existing to the machine. The vulnerability is in the whois_raw.cgi program. This CGI passes user input to the shell without proper filtering. None of the Cdomain commercial version (e.g. CdomainPro) are vulnerable as they connect the the whois servers directly.

Affected Products

Cdomain cdomainfree

Short Name
HTTP:CGI:CDOMAINFREE-RMT-EXEC
Severity
Minor
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
CDomainFree CVE-1999-1063 Execution Remote bid:304
Release Date
04/22/2003
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3336
False Positive
Unknown
Vendors

Cdomain

CVSS Score

10.0

Found a potential security threat?