Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:CGI:SITESEARCHER-EXEC

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 search http

Release Date

 2003/04/22

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Super Site Searcher Arbitrary Command Execution


This signature detects attempts to exploit a known vulnerability in Independent Solution Super Site Searcher and Simple Site Searcher. The Site searchers do not securely strip shell metacharacters, allowing attackers to send malicious commands to the Web server and execute programs with user permissions of the Web server daemon.

Extended Description

Super Site Searcher is prone to remote command execution. Shell metacharacters are not adequately filtered from query string parameters in a request to the vulnerable search engine script. The parameters are then used in a function which passes commands directly through the shell. A remote attacker may exploit this condition to execute arbitrary commands on the shell with the privileges of the webserver process. Simple Site Searcher, released by the same vendor, is also prone to this issue.

Affected Products

  • Independent Solution Simple Site Searcher
  • Independent Solution Super Site Searcher

References

  • BugTraq: 5605
  • URL: http://www.securityfocus.com/bid/5605/exploit

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out