Sun Sunsolve CD Pack sscd_suncourier.pl email Parameter Arbitrary Command Execution

critical Nessus Plugin ID 11066

Synopsis

The remote service is vulnerable to injection attacks allowing command execution.

Description

The Sunsolve CD is part of the Solaris Media pack. It is included as a documentation resource, and is available for the Solaris Operating Environment.

The Sunsolve CD CGI scripts do not validate user input. Crackers may use them to execute commands on your system.

** Note: Nessus did not try to perform the attack.

Solution

Do not use the SunSolve CD.

See Also

https://seclists.org/bugtraq/2002/Mar/202

Plugin Details

Severity: Critical

ID: 11066

File Name: sscd_input.nasl

Version: 1.24

Type: remote

Family: CGI abuses

Published: 8/6/2002

Updated: 1/19/2021

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Required KB Items: Settings/ParanoidReport

Exploit Ease: No exploit is required

Vulnerability Publication Date: 3/11/2002

Reference Information

CVE: CVE-2002-0436

BID: 4269