Signature Detail
Short Name |
SCAN:MISC:HTTP:SEARCH97-VTS |
|---|---|
Severity |
Info |
Recommended |
No |
Category |
SCAN |
Release Date |
2005/02/23 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
SCAN: Verity Search97 Access
This signatures detects access to search97.vts, a CGI script that contains several vulnerabilities. Attackers can read any file on the Web server or shutdown the script.
Extended Description
A pair of vulnerabilities exist in Verity's Search`97 web interface to the Verity search engine. The first vulnerability is due to cgi-bin scripts, s97_cgi and s97r_cgi failing to check for the existence of certain shell meta characters. This allows an attacker to access any file on the file system. The second vulnerability is due to a lack of authentication being used to access the Verity administrative program. Any user can telnet to the appropriate port, and issue a command to shut the Verity software down.
Affected Products
- Verity Inc. Search97 2.1.0
References
- BugTraq: 162
- URL: http://www.verity.com/
- URL: http://www.securityfocus.com/archive/1/9891