CVE

Id
465  
CVE No.
CVE-1999-0467  
Status
Candidate  
Description
The Webcom CGI Guestbook programs wguest.exe and rguest.exe allow a remote attacker to read arbitrary files using the "template" parameter.  
Phase
Modified (20000106-01)  
Votes
ACCEPT(4) Blake, Frech, Landfield, Ozancin | NOOP(3) Baker, Christey, Northcutt  
Comments
Christey> CVE-1999-0287 is probably a duplicate of CVE-1999-0467. In | NTBUGTRAQ:19990409 Webcom"s CGI Guestbook for Win32 web servers | Mnemonix says that he had previously reported on a similar | problem. Let"s refer to the NTBugtraq posting as | CVE-1999-0467. We will refer to the "previous report" as | CVE-1999-0287, which can be found at: | http://oliver.efri.hr/~crv/security/bugs/NT/httpd41.html | | 0287 describes an exploit via the "template" hidden variable. | The exploit describes manually editing the HTML form to | change the filename to read from the template variable. | | The exploit as described in 0467 encodes the template variable | directly into the URL. However, hidden variables are also | encoded into the URL, which would have looked the same to | the web server regardless of the exploit. Therefore 0287 | and 0467 are the same. | Christey> | The CD:SF-EXEC content decision also applies here. We have 2 | programs, wguest.exe and rguest.exe, which appear to have the | same problem. CD:SF-EXEC needs to be accepted by the Editorial | Board before this candidate can be converted into a CVE | entry. When finalized, CD:SF-EXEC will decide whether | this candidate should be split or not. | Christey> BID:2024  

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
1016 465 CVE-1999-0467 NTBUGTRAQ:19990409 Webcom"s CGI Guestbook for Win32 web servers  View

Related JVN