Bugtraq mailing list archives
DNSTools v1.08 has no input validation
From: jonathan () LETO NET (Jonathan Leto)
Date: Thu, 2 Mar 2000 08:59:15 -0500
Hello all. Dnstools 1.08 (available at http://www.dnstools.com/dnst_v1.tgz) has 18 cgi scripts with various functions, like AddMx, DeleteDomain, that all start off like this:

-----------------
#!/usr/bin/perl
use CGI;
use DBI;
my $CGI = new CGI;
########################################################
### Get all of the values from the web form
########################################################
my $host_name;
my $domain_name;
$host_name = $CGI->param("host_name");
$domain_name = $CGI->param("domain_name");
$error_description = "";
my $error_code = system("/usr/local/dnstools/delete_mx -d \"$domain_name\" -n \"$host_name\"");
-------------

Not a lick of input validation is done, so executing and poking around the filesystem as the webserver is possible. It doesn't even vainly check the referrer. This costs $800??

--
jonathan () leto net
http://leto.net
"With pain comes clarity."
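A hardened form of the call quoted in the post, added here as an example; it is not part of the original message or of DNSTools. It validates both form values as DNS names and builds an argument list for list-form system(), so no shell ever parses them. The helper names valid_dns_name and delete_mx_argv are hypothetical, the sample inputs are constructed, and it assumes both fields are meant to hold plain DNS names.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Hypothetical helper: accept only a syntactically valid DNS name
# (letters, digits, hyphens; labels 1-63 chars; whole name <= 253 chars).
# Labels must start with an alphanumeric, so a value can never look like
# a command-line option, and \z (not $) refuses a trailing newline.
sub valid_dns_name {
    my ($name) = @_;
    return 0 unless defined $name && length($name) <= 253;
    my $label = qr/[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?/;
    return $name =~ /\A$label(?:\.$label)*\z/ ? 1 : 0;
}

# Hypothetical wrapper for the delete_mx call from the post.
# Returns an array ref of arguments, or undef if either value is rejected.
sub delete_mx_argv {
    my ($domain_name, $host_name) = @_;
    return unless valid_dns_name($domain_name) && valid_dns_name($host_name);
    return ['/usr/local/dnstools/delete_mx', '-d', $domain_name, '-n', $host_name];
}

# Constructed sample inputs (not from the post): [domain_name, host_name].
my @samples = (
    ['example.com',                    'mail'],
    ['example.com"; echo injected; "', 'mail'],
    ['-x',                             'mail'],
    ["example.com\n",                  'mail'],
);

for my $s (@samples) {
    my $argv = delete_mx_argv(@$s);
    if ($argv) {
        # In the CGI script this would be:  system { $argv->[0] } @$argv;
        # List form hands each argument straight to exec(); /bin/sh is not involved.
        print "run:    @$argv\n";
    } else {
        # Replace non-printable characters before echoing the rejected value.
        (my $shown = $s->[0]) =~ s/[^\x20-\x7e]/?/g;
        print "reject: domain_name='$shown'\n";
    }
}
```

Only the first sample produces an argument list; the other three are rejected before anything is executed.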