SecurityTracker: CCBill Input Validation Flaw in 'whereami.cgi' Script Permits Remote Operating System Command Execution

	Keep Track of the Latest Vulnerabilities with SecurityTracker!

Home | View Topics | Search | Contact Us |

SecurityTracker
Archives

Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary

Instant Alerts

Buy our Premium Vulnerability Notification Service to receive customized, instant alerts

Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!

Become a Partner and License Our Database or Notification Service

Report a Bug

Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com

Category: Application (Commerce) > CCBill

Vendors: CCBILL LLC

CCBill Input Validation Flaw in 'whereami.cgi' Script Permits Remote Operating System Command Execution

SecurityTracker Alert ID: 1007100

SecurityTracker URL: http://securitytracker.com/id/1007100

CVE Reference: GENERIC-MAP-NOMATCH (Links to External Site)

Date: Jul 3 2003

Impact: Execution of arbitrary code via network, User access via network

Exploit Included: Yes

Description: A vulnerability was reported in the CCBill credit card processing software. A remote user can execute arbitrary commands on the target system.

It is reported that the 'whereami.cgi' script in the 'ccbill' directory lets a remote user submit commands to be executed by the target web server. A demonstration exploit is provided:

http://victimhost/ccbill/whereami.cgi?g=cat%20../../../../etc/password

According to the report, some web sites using the software have been successfully penetrated.

The report also indicates that other CCBill scripts contain vulnerabilities [but these were not specifically identified in the report].

The vendor has reportedly been notified.

Impact: A remote user can execute arbitrary shell commands on the target system with the privileges of the web server.

Solution: No solution was available at the time of this entry.

Vendor URL: about.ccbill.com/ (Links to External Site)

Cause: Input validation error

Underlying OS:

Message History: None.

Source Message Contents

Date: Thu, 3 Jul 2003 15:49:05 -0400
Subject: [Full-Disclosure] Vulnerability in CCBill script


Recently there are many hacking attempts attacking E-commerce site
that use CCBILL to precess credit cards. Some of my clients sites are
hacked and defaced by this vulnerability. In the Incidents List,
some people already mention about it. I just take a look at the 
actual problem and figure out that the vulnerability is at the whereami.cgi
in the /ccbill/ directory. That script allow attackers to run commands
without authorization.

Example :
http://victimhost/ccbill/whereami.cgi?g=cat%20../../../../etc/password

I already sent an email to CCbill and ask them to alert their clients
to remove that scripts ASAP because of the mass defacing contest in July
6th.
There are also many other vulnerabilities in their other scripts too. If you
want to have fun, just do some research. :-)

Have a good day

Tri Huynh
SentryUnion


--------------------------------------------------------------------
mail2web - Check your email from the web at
http://mail2web.com/ .


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Go to the Top of This SecurityTracker Archive Page

Home | View Topics | Search | Contact Us
Copyright 2012, SecurityGlobal.net LLC