Synopsis
The remote web server contains a CGI script that allows arbitrary command execution.
Description
The remote host is running K-COLLECT csv-database, a web application written in Perl.
The remote version of this software fails to sanitize user input to the 'file' parameter of the 'csv_db.cgi' script before using it to run a shell command. An unauthenticated attacker can exploit this issue to execute arbitrary commands on the remote host, subject to the privileges under which the web server operates.
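The following Perl fragment is an added illustration of the bug class described above, not the code of K-COLLECT csv-database or of the Nessus plugin. It shows a CGI handler that interpolates the 'file' parameter into a shell command next to a hardened handler that allow-lists the value and never passes it to a shell. The data directory, the function names and the use of `sort` as the external command are assumptions made for the example.

```perl
#!/usr/bin/perl
# Added example (not the original csv_db.cgi): an untrusted 'file' parameter
# reaching a shell, beside a hardened version of the same handler.
# $BASE, the sub names and the use of `sort` are assumptions for illustration.
use strict;
use warnings;
use CGI qw(param header);
use File::Spec;

my $BASE = '/var/www/data';   # assumed data directory, not from the advisory

# VULNERABLE: the parameter value is interpolated into a command string that
# is handed to /bin/sh. Shell metacharacters in $file (;, |, `, $(...)) are
# honoured, so the parameter controls what gets executed.
sub dump_csv_vulnerable {
    my ($file) = @_;
    my $out = `sort $BASE/$file`;    # backticks spawn a shell
    return $out;
}

# HARDENED: validate against a strict allow-list, reject anything that could
# traverse out of $BASE, and read the file directly instead of running a
# command on it.
sub dump_csv_hardened {
    my ($file) = @_;
    # 1. Allow-list: a short simple name ending in .csv, nothing else.
    #    The capture also untaints the value when running under perl -T.
    return undef unless defined $file
        && $file =~ /\A([A-Za-z0-9_-]{1,64})\.csv\z/;
    my $safe = "$1.csv";
    # 2. Build the path with File::Spec; the user value never reaches a shell.
    my $path = File::Spec->catfile($BASE, $safe);
    return undef unless -f $path;
    # 3. Three-argument open on the validated path; sort in Perl.
    open(my $fh, '<', $path) or return undef;
    my @rows = sort <$fh>;
    close $fh;
    return join('', @rows);
}

# If an external program is genuinely required, use the list form of a pipe
# open (or system LIST) so that no shell is involved and '--' stops the
# argument from being parsed as an option.
sub dump_csv_with_external {
    my ($path) = @_;   # must already be a validated, allow-listed path
    open(my $ph, '-|', 'sort', '--', $path) or return undef;
    local $/;
    my $out = <$ph>;
    close $ph;
    return $out;
}

print header('text/plain');
my $file = param('file');
my $body = dump_csv_hardened($file);
print defined $body ? $body : "invalid or unknown file\n";
```

The key difference is not the regular expression alone but the fact that the hardened path never constructs a command string: validation limits what the value can be, and the three-argument open and list-form pipe remove the shell from the picture entirely, so even a validation slip cannot turn into command execution.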
Solution
Remove this script.
Plugin Details
File Name: cvs_db_cmd_exec.nasl
Supported Sensors: Nessus
Vulnerability Information
Excluded KB Items: Settings/disable_cgi_scanning
Exploit Ease: No exploit is required
Vulnerability Publication Date: 6/28/2005
Reference Information
BID: 14059