Vulnerability Details

ID: CVE-1999-0885

Last Modified: Sept. 9, 2008

Open in new window

Description

Alibaba web server allows remote attackers to execute commands via a pipe character in a malformed URL.

CVSS V2

Access Vector: Local

Access Complexity: Low

Authentication: None

Confidentiality Impact: Partial

Integrity Impact: Partial

Availability Impact: None

Base Score: 3.6

Exploitability Score: 3.9

Impact Score: 4.9

CVSS V2: AV:L/AC:L/Au:N/C:P/I:P/A:N

Specialize CVSS-Score

CWE-ID

NVD-CWE-Other

Snort-Rules

['alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS ( msg:"SERVER-WEBAPP get32.exe access"; flow:to_server,established; http_uri; content:"/get32.exe",fast_pattern,nocase; metadata:ruleset community; service:http; reference:bugtraq,1485; reference:bugtraq,770; reference:cve,1999-0885; reference:nessus,10011; classtype:attempted-recon; sid:1180; rev:24; )\n', 'alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS ( msg:"SERVER-WEBAPP alibaba.pl arbitrary command execution attempt"; flow:to_server,established; http_uri; content:"/alibaba.pl|7C|",fast_pattern,nocase; metadata:ruleset community; service:http; reference:bugtraq,770; reference:cve,1999-0885; reference:nessus,10013; classtype:web-application-attack; sid:1507; rev:18; )\n', 'alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS ( msg:"SERVER-WEBAPP alibaba.pl access"; flow:to_server,established; http_uri; content:"/alibaba.pl",fast_pattern,nocase; metadata:ruleset community; service:http; reference:bugtraq,770; reference:cve,1999-0885; reference:nessus,10013; classtype:web-application-activity; sid:1508; rev:17; )\n', 'alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS ( msg:"SERVER-WEBAPP tst.bat access"; flow:to_server,established; http_uri; content:"/tst.bat",fast_pattern,nocase; metadata:ruleset community; service:http; reference:bugtraq,770; reference:cve,1999-0885; reference:nessus,10014; classtype:web-application-activity; sid:1650; rev:15; )\n', '# alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"SERVER-WEBAPP get32.exe access"; flow:to_server,established; content:"/get32.exe"; fast_pattern:only; http_uri; metadata:ruleset community, service http; reference:bugtraq,1485; reference:bugtraq,770; reference:cve,1999-0885; reference:nessus,10011; classtype:attempted-recon; sid:1180; rev:24;)\n', '# alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"SERVER-WEBAPP alibaba.pl arbitrary command execution attempt"; flow:to_server,established; content:"/alibaba.pl|7C|"; fast_pattern:only; http_uri; metadata:ruleset community, service http; reference:bugtraq,770; reference:cve,1999-0885; reference:nessus,10013; classtype:web-application-attack; sid:1507; rev:18;)\n', '# alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"SERVER-WEBAPP alibaba.pl access"; flow:to_server,established; content:"/alibaba.pl"; fast_pattern:only; http_uri; metadata:ruleset community, service http; reference:bugtraq,770; reference:cve,1999-0885; reference:nessus,10013; classtype:web-application-activity; sid:1508; rev:17;)\n', '# alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"SERVER-WEBAPP tst.bat access"; flow:to_server,established; content:"/tst.bat"; fast_pattern:only; http_uri; metadata:ruleset community, service http; reference:bugtraq,770; reference:cve,1999-0885; reference:nessus,10014; classtype:web-application-activity; sid:1650; rev:15;)\n']

Configuration

Condition		Configuration
OR
OR
OR	cpe:2.3:a:computer_software_manufaktur:alibaba:2.0:::::::* Part: a Product: alibaba Vendor: computer_software_manufaktur Version: 2.0	Alle Schwachstellen für computer_software_manufaktur

Pre-Condition

                    <?xml version="1.0" ?>
<set operator="and">
    <set operator="or">
        <prop key="application" value="cpe:2.3:a:computer_software_manufaktur:alibaba:2.0:*:*:*:*:*:*:*"/>
    </set>
    <prop key="program_influence" value="input"/>
    <prop key="range" value="local"/>
</set>

Post-Condition

                      <?xml version="1.0" ?>
<set operator="and">
    <prop key="target" value="host"/>
    <set operator="or">
        <prop key="program_influence" value="input"/>
        <prop key="program_influence" value="output"/>
        <prop key="program_influence" value="existence"/>
    </set>
    <prop key="data" value="any"/>
    <set operator="or">
        <prop key="data_influence" value="read"/>
        <prop key="data_influence" value="write"/>
        <prop key="data_influence" value="delete"/>
    </set>
    <set operator="or">
        <prop key="range" value="local"/>
        <prop key="range" value="local"/>
    </set>
</set>

HPI-VDB — Database for IT-Attack Analysis