Signature Detail
Short Name |
HTTP:CGI:ANYFORM-SEMICOLON |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Anyform Semicolon |
Release Date |
2003/04/22 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Anyform Semicolon
This signature detects attempts to exploit a known vulnerability against AnyForm CGI script. AnyForm is a popular CGI form designed to support simple forms that deliver responses through e-mail. Some versions of AnyForm do not perform user supplied data sanity checking, and can allow remote execution of arbitrary commands on the server.
Extended Description
AnyForm is a popular form CGI designed to support simple forms that deliver responses via email. Certain versions of AnyForm did not perform user supplied data sanity checking and could be exploited by remote intruders to execute arbitrary commands. These commands were issued as the UID which the web server runs as, typically 'nobody'.
Affected Products
- John S. Roberts AnyForm 1.0.0
- John S. Roberts AnyForm 2.0.0
References
- BugTraq: 719
- CVE: CVE-1999-0066