Detections
Analytics

Looking Glass Multiple Vulnerabilities

high Nessus Plugin ID 19523

Language:

Synopsis

The remote web server contains a PHP application that is affected by multiple issues.

Description

The remote host appears to be running Jurriaan de Neef's Looking Glass script, which provides a web interface to various network utilities such as ping, traceroute, and whois.

The installed version of Looking Glass suffers from a flaw that allows an attacker, by manipulating input to the 'target' parameter of the 'lp.php' script, to execute commands on the remote host subject to the permissions of the web server user id. In addition, it also is prone to cross-site scripting attacks due to its failure to sanitize user-supplied input to the 'version' parameter of the 'header.php' and 'footer.php' scripts.

Solution

Unknown at this time.

See Also

https://seclists.org/bugtraq/2005/Aug/379

Plugin Details

Severity: High

ID: 19523

File Name: lg_target_cmd_exec.nasl

Version: 1.29

Type: remote

Family: CGI abuses

Published: 8/30/2005

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.1

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:looking_glass:looking_glass

Required KB Items: www/PHP

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: No exploit is required

Exploited by Nessus: true

Vulnerability Publication Date: 8/27/2005

Reference Information

CVE: CVE-2005-2776, CVE-2005-2777

BID: 14680, 14682

CWE: 20, 442, 629, 711, 712, 722, 725, 74, 750, 751, 79, 800, 801, 809, 811, 864, 900, 928, 931, 990