CVE-2000-0010
published 1999-12-26CVE-2000-0010: WebWho+ whois.cgi program allows remote attackers to execute commands via shell metacharacters in the TLD parameter.
PriorityP341critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
11.07%
95.4th percentile
WebWho+ whois.cgi program allows remote attackers to execute commands via shell metacharacters in the TLD parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| tony_greenwood | webwho | — | — |
CVSS provenance
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_redhat7.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Cisco VPN Client - Integer Overflow Denial of Service
exploitdb·2009-11-21
CVE-2009-4118 Cisco VPN Client - Integer Overflow Denial of Service
Cisco VPN Client - Integer Overflow Denial of Service
---
/*
Cisco VPN client version 5.0.03.0560
Cisco VPN client Version 5.0.04.0300
Cisco VPN client Version 5.0.05.0290
Cisco VPN client Version 4.8.02.0010
*/
/*
* Cisco VPN Client 0day Integer overflow (DOS) Proof Of Concept Code
*
* By Alex Hernandez aka alt3kx (c) November 2009
*
* This POC is only for test. If an application read a malformed chars
* file like this POC, the application will be crashed.
*
* We tested this code on:
*
* Windows Vista Bussines SP1 Spanish
* Windows Vista Home Premium SP1 English
* Windows 2000 Server English
* Windows XP Professional SP3
*
* Cisco VPN client version 5.0.03.0560
* Cisco VPN client Version 5.0.04.0300
* Cisco VPN client Version 5.0.05.0290
* Cisco VPN client Version 4.8.02.0010
*
* Compi
Exploit-DB
Tony Greenwood WebWho+ 1.1 - Remote Command Execution
exploitdb·1999-12-26
CVE-2000-0010 Tony Greenwood WebWho+ 1.1 - Remote Command Execution
Tony Greenwood WebWho+ 1.1 - Remote Command Execution
---
source: https://www.securityfocus.com/bid/892/info
WebWho+ is a free cgi script written by Tony Greenwood for executing whois queries via the www. Though it does perform checks for shell escape characters on some parameters, it misses the 'type' variable and allows for malicious input to be sent to a shell. It is possible to execute arbitrary commands on a webserver running WebWho+ v1.1 with the uid of the webserver (usually nobody).
#!/usr/bin/perl
#
# hhp-webwho.pl
# WebWho+ v1.1 (whois cgi) remote exploit.
#
# By: loophole of hhp.
# [12/26/99]
#
# http://hhp.perlx.com/
# [email protected]
#
# Advisrory: http://hhp.perlx.com/ouradvisories/hhp-webwho.txt
use IO::Socket;
if (@ARGV [-e ] \n\n";
print "* Server = www.exampl
No writeups or analysis indexed.
1999-12-26
Published