发布时间 :2001-11-16 00:00:00
修订时间 :2017-10-09 21:29:55

[原文]Network Tools 0.2 for PHP-Nuke allows remote attackers to execute commands on the server via shell metacharacters in the $hostinput variable.

[CNNVD]PHP-Nuke Network Tools执行服务器命令漏洞(CNNVD-200111-014)

        PHP-Nuke的Network Tools 0.2版本存在漏洞。远程攻击者可以借助$hostinput变量的shell元字符执行服务器命令。

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)


- OVAL (用于检测的技术细节)


- 官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD
(官方数据源) CNNVD

- 其它链接及资源
(UNKNOWN)  BUGTRAQ  20011116 Network Tool 0.2 Addon for PHPNuke vulnerable to remote command execution
(UNKNOWN)  XF  phpnuke-nettools-command-execution(7578)

- 漏洞信息

PHP-Nuke Network Tools执行服务器命令漏洞
高危 未知
2001-11-16 00:00:00 2005-09-14 00:00:00
        PHP-Nuke的Network Tools 0.2版本存在漏洞。远程攻击者可以借助$hostinput变量的shell元字符执行服务器命令。

- 公告与补丁


- 漏洞信息 (21155)

Network Tool 0.2 PHPNuke Addon Metacharacter Filtering Command Execution Vulnerability (EDBID:21155)
php remote
2001-11-16 Verified
0 Cabezon Aurélien
N/A [点击下载]

Network Tool is a PHPNuke addon, written and maintained by Rick Fournier. It is designed to offer network features such as nmap, traceroute, and ping from a web interface.

A problem with the package has been discovered that could allow remote users to gain arbitrary access to restricted resources. The problem is in the filtering of metacharacters by the interface. A command passed to the modules in the suite could be encapsulated in metacharacters, and would result in the command being executed on the system with the permissions of the httpd process.

This makes it possible for a remote user to execute arbitrary commands, and potentially gain access to a vulnerable host. 

Asking the Php script for Pinging, Nmap, or traceroute this kind of adresse
<;ls -al> will allow any user to run " ls -al " command as whatever user runs the web server. 		

- 漏洞信息

Network Tools Addon for PHP-Nuke Metacharacter Handling Remote Command Execution
Remote / Network Access Input Manipulation
Loss of Integrity Solution Unknown
Exploit Public Uncoordinated Disclosure

- 漏洞描述

- 时间线

2001-11-16 Unknow
Unknow Unknow

- 解决方案


Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete