Homepage Builder sample CGI programs vulnerable to OS command injection


Some of the CGI sample programs included in Homepage Builder provided by IBM Japan contain a vulnerability that may allow an attacker to inject an arbitrary OS command.

According to the vendor, the vulnerable CGI sample programs are not included in the demo versions of each product.

CVSS Severity

CVSS V2 Severity:
Base Metrics 5.1 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: High
  • Authentication: None
  • Confidentiality Impact: Partial
  • Integrity Impact: Partial
  • Availability Impact: Partial

Affected Products

IBM Corporation
  • Homepage Builder 11
  • Homepage Builder 10
  • Homepage Builder V9
  • Homepage Builder V8
  • Homepage Builder V7
  • Homepage Builder V6.5 with HotMedia
  • Homepage Builder V6
  • Homepage Builder 2001
  • Homepage Builder 2000
  • Homepage Builder V3
  • Homepage Builder 10 Lite
  • Homepage Builder V9 Lite
  • Homepage Builder V8 Lite
  • Homepage Builder V7 Lite
  • Homepage Builder V6.5 with HotMedia Lite
  • Homepage Builder V2 Value Pack
  • Homepage Builder V6 Lite


An arbitrary command could be executed on the web server with the privilege of the web server process.

[Apply patch]

Apply the patch named "HPBCGIFIX" or manually fix the CGI programs installed on the server by following the instructions provided by the vendor.

"HPBCGIFIX" fixes the CGI sample programs in the sample folder. CGI programs customized or copied to a user's folder must be manually fixed.

For more information, please refer to the vendor's website.

"How to fix sample CGI of Homepage Builder"

Among the sample CGI programs included in Homepage Builder, anketo.cgi, kansou.cgi, and order.cgi contain an OS command injection vulnerability because they do not properly validate input data.
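
Because "HPBCGIFIX" only repairs the sample folder, copies of the three programs deployed on the server have to be located before they can be fixed by hand. The inventory script below is an added example, not code from IBM or from this advisory; it assumes `sample_dir` holds the unpatched samples, and the directory and file names used in `demo()` (`htdocs`, `cgi-bin/form.cgi`, `shop/Order.cgi`) are constructed.

```python
import hashlib
import os
import tempfile

# The three sample CGI names the advisory lists as vulnerable.
SAMPLE_NAMES = ("anketo.cgi", "kansou.cgi", "order.cgi")

def sha256_of(path):
    with open(path, "rb") as f:
        return hashlib.sha256(f.read()).hexdigest()

def find_sample_copies(web_root, sample_dir):
    """Return sorted (relative path, reason) pairs for files needing manual review."""
    # Hash the unpatched samples so byte-identical copies are caught even if renamed.
    originals = [os.path.join(sample_dir, n) for n in SAMPLE_NAMES]
    known = {sha256_of(p): os.path.basename(p) for p in originals if os.path.isfile(p)}
    sizes = {os.path.getsize(p) for p in originals if os.path.isfile(p)}  # cheap pre-filter
    findings = []
    for dirpath, _dirs, files in os.walk(web_root):
        for fn in files:
            path = os.path.join(dirpath, fn)
            rel = os.path.relpath(path, web_root).replace(os.sep, "/")
            try:
                digest = sha256_of(path) if os.path.getsize(path) in sizes else None
            except OSError:
                continue  # unreadable file: skip rather than abort the inventory
            if digest in known:
                findings.append((rel, "identical to sample " + known[digest]))
            elif fn.lower() in SAMPLE_NAMES:
                findings.append((rel, "sample name, modified contents"))
    return sorted(findings)

def demo():
    """Scan a constructed tree (placeholder contents, not the real samples)."""
    with tempfile.TemporaryDirectory() as tmp:
        tree = {
            "sample/anketo.cgi": "unpatched anketo placeholder\n",
            "sample/kansou.cgi": "unpatched kansou placeholder\n",
            "sample/order.cgi": "unpatched order placeholder\n",
            "htdocs/cgi-bin/form.cgi": "unpatched order placeholder\n",  # renamed exact copy
            "htdocs/shop/Order.cgi": "locally customized placeholder\n",  # edited copy
            "htdocs/index.html": "<html></html>\n",                       # unrelated file
        }
        for rel, text in tree.items():
            path = os.path.join(tmp, *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w") as f:
                f.write(text)
        return find_sample_copies(os.path.join(tmp, "htdocs"), os.path.join(tmp, "sample"))
```

A customized copy that has also been renamed matches neither check, so the result is a starting list for the manual fix, not proof that nothing else remains.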

Vendor Information

IBM Corporation
  • IBM : CGI (Japanese)

CWE

CVE

  1. JVN : JVN#81294906
  2. JPCERT REPORT : JPCERT-WR-2007-1901 (Japanese)

Revision History

  • [2008/05/21]
      Web page published