CSNews Remote Command Execution Vulnerability
csNews is a script for managing news items on a website. It will run on most Unix and Linux variants, as well as Microsoft Windows operating systems.

csNews is prone to an issue which may enable an attacker to execute Perl code with the privileges of the webserver process. For exploitation to be successful, the attacker must pass properly URL encoded Perl code in CGI parameters via a web request. For example:

http://host/cgi-bin/csNews.cgi?command=savesetup&setup=PERL_CODE_HERE

Reportedly, this vulnerability may also be exploited by placing arbitrary Perl code within any text field on the 'Advanced Settings' form. The code must be formatted as follows:

\"; PERL_CODE_HERE \"
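A log check for the two request shapes described above, added here as an example and not taken from the advisory or from csNews itself. It assumes an Apache-style combined access log; the sample lines are constructed, and `OTHER_COMMAND` and `FIELD_NAME` are placeholders rather than real csNews names.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Request line inside an Apache-style "combined" log entry (assumed log format).
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
# Quote-semicolon breakout from the advisory: "; ... "  (with or without backslashes)
BREAKOUT_RE = re.compile(r'\\?";.*\\?"', re.S)

def classify(line):
    """Return the reasons a log line matches the advisory, or [] if it does not."""
    m = REQUEST_RE.search(line)
    if not m:
        return []
    url = urlsplit(m.group("target"))
    if not url.path.lower().endswith("/csnews.cgi"):
        return []
    # parse_qsl URL-decodes names and values, so encoded input is normalised first.
    params = parse_qsl(url.query, keep_blank_values=True)
    lowered = {k.lower(): v for k, v in params}
    reasons = []
    if lowered.get("command", "").lower() == "savesetup" and "setup" in lowered:
        reasons.append("savesetup request carrying a setup parameter")
    for name, value in params:
        if BREAKOUT_RE.search(value):
            reasons.append(f"quote-semicolon breakout in parameter {name!r}")
    return reasons

def scan(lines):
    """Return (line_index, reasons) for every line that matches."""
    return [(i, r) for i, r in ((i, classify(l)) for i, l in enumerate(lines)) if r]

# Constructed sample log lines (documentation IP ranges, placeholder payload text).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2002:10:00:00 +0000] '
    '"GET /cgi-bin/csNews.cgi?command=OTHER_COMMAND&id=3 HTTP/1.0" 200 512',
    '192.0.2.44 - - [01/Jan/2002:10:00:05 +0000] '
    '"GET /cgi-bin/csNews.cgi?command=savesetup&setup=PERL_CODE_HERE HTTP/1.0" 200 130',
    '192.0.2.44 - - [01/Jan/2002:10:00:09 +0000] '
    '"GET /cgi-bin/csNews.cgi?command=OTHER_COMMAND'
    '&FIELD_NAME=%22%3B%20PERL_CODE_HERE%20%22 HTTP/1.0" 200 130',
    '192.0.2.77 - - [01/Jan/2002:10:01:00 +0000] "GET /index.html HTTP/1.0" 200 2048',
]

if __name__ == "__main__":
    for index, reasons in scan(SAMPLE_LOG):
        print(index, reasons)
```

Access logs record only the query string, so values submitted in a POST body (such as a form submission) will not appear here and need request-body logging at the application or proxy layer.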