HTTP: Ikonboard Illegal Cookie Language
This signature detects attempts to exploit a known vulnerability in IkonBoard, a popular Web-based discussion board. Attackers can send a maliciously crafted cookie that contains illegal characters to IkonBoard to execute arbitrary code with IkonBoard priveleges (typically user level).
Extended Description
It has been reported that IkonBoard is prone to an arbitrary command execution vulnerability. The vulnerability is due to insufficient sanitization performed on user supplied cookie data. An attacker may exploit this issue to execute arbitrary commands in the security context of the web server hosting the vulnerable IkonBoard.
Affected Products
Ikonboard.com ikonboard
Short Name
HTTP:CGI:IKONBOARD-BADCOOKIE
Severity
Minor
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
Cookie Ikonboard Illegal Language bid:7361
Release Date
06/18/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Ikonboard.com