Info

Disclosure

Mar 20, 1996

Discovery

Unknown

Dates

Exploit

Jan 01, 1996

Solution

Unknown

Description

Apache Software Foundation Apache and NCSA httpd contain a flaw that may allow a malicious user to execute arbitrary commands. The issue is triggered when a remote attacker requests the 'phf' program with a specially crafted argument, which will execute arbitrary commands on the target machine. This flaw may lead to a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Public
Disclosure: OSVDB Verified
OSVDB: Web Related

Solution

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround: Remove the 'phf' script from the web server

Products

Apache Software Foundation	Apache	0.8.x
		1.0.1
		1.0.2
		1.0.3

NCSA	httpd	1.1
		1.2
		1.3
		1.4.2
		1.5c

References

ISS X-Force ID: 148
CVE ID: 1999-0067 (see also: NVD)
Bugtraq ID: 629
CERT: CA-1996-06
Keyword: CGI
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/1996_3/0510.html
Other Advisory URL: http://www.insecure.org/sploits/phf-cgi.html
Generic Informational URL: http://www.whitehats.com/info/IDS128

Credit

r00t -

Direct URL: http://osvdb.org/136