Signature Detail
Short Name |
SCAN:MISC:HTTP:ARCHITEXT-QUERY |
|---|---|
Severity |
Info |
Recommended |
No |
Category |
SCAN |
Keywords |
Architext_query.pl Access |
Release Date |
2003/04/22 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
SCAN: Architext_query.pl Access
This signature detects attempts to exploit the architext_query.pl script vulnerability in the Excite for Web Server package. Attackers can send a semi-colon as an argument to the script, followed by the shell command to execute arbitrary shell commands.
Extended Description
Excite for Web Servers, version 1.1, for Unix and Windows NT platforms, is a search engine software suite. A vulnerability in one of the scripts, architext_query.pl, allows a remote attacker to execute arbitrary commands with the privileges of the web server. Specific details of how this can be accomplished are not currently known by SecurityFocus staff, although it has been suggested that this is a shell metacharacter (eg., the pipe character) filtering issue (see CVE). Consequences of successful exploitation could include web site defacement, elevation of privileges by exploiting locally accessible vulnerabilities, etc.
Affected Products
- Excite Excite for Web Servers 1.1.0
References
- BugTraq: 2248
- CVE: CVE-1999-0279
- URL: http://www.insecure.org/sploits/excite_for_web_servers_cgi.html