Cobalt RaQ2 cgiwrap Vulnerability

Cobalt RaQ2 servers come with a program called "cgiwrap", which acts as a wrapper for cgi programs so that they run with the uid of their user instead of ' nobody'. It may be possible to cause a denial of service to websites hosted on the server or compromise web data.

cgiwrap interprets subdirectories of web/ in which cgi scripts are run as user directories, and if a user is created which happens to have the same name as the directory which scripts run from - cgiwrap will try to run a file that doesn't exist in that user's directory. In a worse case, a script can be substituted and important data submitted to web forms compromised.


Privacy Statement
Copyright 2010, SecurityFocus