Wednesday, October 1, 2014

Software flaw #7

Not much time left this week, so this time something really easy: a plain old CGI script written in Perl (one of the levels from


use CGI qw{param};

print "Content-type: text/html\n\n";

sub ping {
  $host = $_[0];

  print("<html><head><title>Ping results</title></head><body><pre>");

  @output = `ping -c 3 $host 2>&1`;
  foreach $line (@output) { print "$line"; }

  print("</pre></body></html>");
}

# check if Host set. if not, display normal page, etc

ping(param("Host"));

What type of vulnerability is this? Why is this code vulnerable?


How could one exploit this code? What could be achieved by the exploit?


How to fix this vulnerability? What countermeasure(s) could be put in place in order to make exploitation harder (or impossible)?

My solution will be published on 5.10.2014.
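
One possible countermeasure for the last question, as an added example that is not the author's published solution: the request value is checked against an allowlist pattern and ping is started without a shell. Assumptions: the parameter is named "Host" (taken from the comment in the script), ping lives in one of the listed system directories, and only hostnames and IPv4 literals need to be supported.

```perl
#!/usr/bin/perl
# Added example: hardened variant of the ping CGI script above.
use strict;
use warnings;
use CGI qw{param escapeHTML};

# Resolve "ping" only from fixed system directories (assumed locations).
$ENV{PATH} = '/bin:/usr/bin:/sbin:/usr/sbin';

# Allowlist: hostname or IPv4 literal made of letters, digits, dots and hyphens.
# It must start and end with an alphanumeric character, so it can never be
# read as a command-line option, and it contains no shell metacharacters.
sub valid_host {
  my ($host) = @_;
  return 0 unless defined $host && length($host) <= 253;
  return $host =~ /\A[A-Za-z0-9](?:[A-Za-z0-9.-]*[A-Za-z0-9])?\z/ ? 1 : 0;
}

sub ping {
  my ($host) = @_;

  print("<html><head><title>Ping results</title></head><body><pre>");

  # List-form pipe open: ping is executed directly with $host as a single
  # argument, so no shell ever parses the value. stderr is not captured here
  # and goes to the web server's error log.
  if (open(my $fh, '-|', 'ping', '-c', '3', '--', $host)) {
    while (my $line = <$fh>) { print escapeHTML($line); }
    close($fh);
  } else {
    print "Unable to run ping.";
  }

  print("</pre></body></html>");
}

print "Content-type: text/html\n\n";

my $host = param("Host");   # parameter name assumed from the script's comment
if (valid_host($host)) {
  ping($host);
} else {
  print "<html><body>Invalid host name.</body></html>";
}
```

CGI.pm also reads parameters from the command line, so the script can be tried offline with an argument such as Host=127.0.0.1.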