Short Name |
HTTP:CGI:IKONBOARD-BADCOOKIE |
---|---|
Severity |
Minor |
Recommended |
No |
Category |
HTTP |
Keywords |
Ikonboard Illegal Cookie Language |
Release Date |
2003/06/18 |
Update Number |
1213 |
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in IkonBoard, a popular Web-based discussion board. Attackers can send a maliciously crafted cookie that contains illegal characters to IkonBoard to execute arbitrary code with IkonBoard priveleges (typically user level).
It has been reported that IkonBoard is prone to an arbitrary command execution vulnerability. The vulnerability is due to insufficient sanitization performed on user supplied cookie data. An attacker may exploit this issue to execute arbitrary commands in the security context of the web server hosting the vulnerable IkonBoard.