HTTP: CVSWEB cvsweb.cgi ';' Exploit
This signature detects attempts to exploit a known vulnerability against the cvsweb.cgi script, used by Web servers to display and manage the concurrent version system (CVS) tree. Attackers can use maliciously crafted arguments to remotely execute arbitrary shell commands on the server.
Extended Description
Cvsweb 1.80 makes an insecure call to the perl OPEN function, providing attackers with write access to a cvs repository the ability to execute arbitrary commands on the host machine. The code that is being exploited here is the following: open($fh, "rlog '$filenames' 2>/dev/null |")
Affected Products
Cvsweb_developer cvsweb
Short Name
HTTP:CGI:CVSWEB-CGI-SEMICOLON
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
';' CVE-2000-0670 CVSWEB Exploit bid:1469 cvsweb.cgi
Release Date
04/22/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Cvsweb_developer
CVSS Score
7.2