Hans Persson Molly Multiple Remote Command Execution Vulnerabilities

info
discussion
exploit
solution
references

Hans Persson Molly Multiple Remote Command Execution Vulnerabilities

It has been reported that a remote command execution vulnerability exists in Molly. By constructing a malicious request, it may be possible for a remote attacker to execute arbitrary commands, with the privileges of Molly.

The vulnerability exists in several files in the 'unusedplugins' folder as well as 'plugins/nslookup.pl'.

This issue was reported for Molly 0.5.