CCBill's whereami.cgi vulnerable to remote exploit

  • webair
    Confirmed User
    • Feb 2002
    • 8531

    #1

    CCBill's whereami.cgi vulnerable to remote exploit

    Malicious attackers can run arbitrary commands on your servers if you are using CCBill.

    A vulnerability has been reported in CCBill whereami.cgi, which can be exploited by malicious people to compromise a vulnerable system. It is possible to supply system commands to the "g" parameter, which allows execution of arbitrary commands with the privileges of the web service.

    You can safely delete whereami.cgi without affecting the way the site or CCBill's software works.

    Webair techs have already disabled it on all managed servers and virtual servers, and we recommend anyone else do the same.

    More info:
    http://www.secunia.co.uk/advisories/9191/
    http://www.securitytracker.com/alert...l/1007100.html

    And you can call CCBill to confirm, I guess.


    ~ Webair Dedicated Cloud Servers™ ~ WEBAIR VSYS™ Virtual Hosting Platform ~ Superior CDN Network ~
    ~ Managed Dedicated hosting Specialists ~ DISCOUNT DOMAIN NAMES! ~ WEBAIR FUSION IO MANAGED CLOUD SERVERS! ~


    ICQ: 243116321 - TWITTER - @WEBAIRINC - E-Mail: [email protected]
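As an added defender-side example, not part of the original thread and not CCBill's or Webair's code: a small Python scanner over Apache access-log lines that reports every request touching whereami.cgi and separates clean calls from ones whose "g" parameter carries shell metacharacters after URL decoding. The log lines, client addresses and the script path /cgi-bin/whereami.cgi are constructed for the example, and the metacharacter list is a heuristic rather than a complete shell grammar. Since the advice in the post is to delete the script, a clean request to it on a server that has already removed it is still worth a look, which is why those are reported as probes.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines in Apache "combined" log format; not real traffic.
SAMPLE_LOG = """\
192.0.2.10 - - [10/Jul/2003:12:00:01 +0000] "GET /cgi-bin/whereami.cgi?g=home HTTP/1.0" 200 512 "-" "Mozilla/4.0"
192.0.2.11 - - [10/Jul/2003:12:00:02 +0000] "GET /cgi-bin/whereami.cgi?g=home%3Bid HTTP/1.0" 200 1024 "-" "curl/7.10"
192.0.2.12 - - [10/Jul/2003:12:00:03 +0000] "GET /cgi-bin/signup.cgi?g=a%7Cb HTTP/1.0" 200 300 "-" "Mozilla/4.0"
192.0.2.13 - - [10/Jul/2003:12:00:04 +0000] "GET /index.html HTTP/1.0" 200 2048 "-" "Mozilla/4.0"
"""

# Fields of the combined log format we need: client IP, timestamp,
# method, request target and status code.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Shell metacharacters that have no business in a page/location argument.
# CR/LF are included because an encoded %0A can also break a command line
# that a CGI builds from its input. Heuristic, not a complete shell grammar.
SHELL_META = re.compile(r'[;|&`$<>\n\r]')

SCRIPT_NAME = 'whereami.cgi'  # assumed file name, taken from the advisory text


def classify_request(target):
    """Return None for requests that do not touch whereami.cgi, 'probe' for
    a call with a clean g parameter, or 'injection_attempt' when the decoded
    g parameter contains shell metacharacters."""
    parts = urlsplit(target)
    if parts.path.rsplit('/', 1)[-1] != SCRIPT_NAME:
        return None
    # parse_qs decodes %XX escapes, so %3B is checked as a literal ';'.
    params = parse_qs(parts.query, keep_blank_values=True)
    for value in params.get('g', []):
        if SHELL_META.search(value):
            return 'injection_attempt'
    return 'probe'


def scan_log(text):
    """Return one finding dict per request that touches whereami.cgi."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip rather than crash
        verdict = classify_request(m.group('target'))
        if verdict is None:
            continue
        findings.append({
            'ip': m.group('ip'),
            'time': m.group('ts'),
            'status': int(m.group('status')),
            'verdict': verdict,
            'target': m.group('target'),
        })
    return findings


if __name__ == '__main__':
    for f in scan_log(SAMPLE_LOG):
        print(f"{f['time']} {f['ip']} {f['verdict']:18} {f['target']}")
```

Feed a real access log to scan_log instead of SAMPLE_LOG to review past traffic; a 200 status on an injection_attempt line from before the script was removed is the case that deserves a closer incident look. The scanner is for detection only; the fix the post describes, deleting whereami.cgi, is what actually closes the hole.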
  • AcidMax
    Confirmed User
    • May 2002
    • 1827

    #2
    DOH
    Latest MMA news. http://www.mmawrapup.com


  • bigdog
    Confirmed User
    • Jul 2001
    • 6964

    #3
    Nice to see webair has done that for their clients.

  • Warden
    Confirmed User
    • Nov 2002
    • 2906

    #4
    Once again, always looking out for your customers. You guys are the best! I love you WebAir!
    AIM: ZeeRiddler
    ICQ: 128160005
    Warden's MS

  • ytcracker
    stc is the greatest
    • Dec 2002
    • 12403

    #5
    hack teh g1bson
    www.ytcracker.com | www.digitalgangster.com
    i love you

  • BradShaw
    Confirmed User
    • Oct 2001
    • 7840

    #6
    I am sure they are on top of it and you can expect an update soon. Damn hackers.

  • gothweb
    Confirmed User
    • Jun 2002
    • 8849

    #7
    I'd like to hear about this from someone at CCBill.

    Photos by Ian X.: Distinctive photos of goth babes.
    Blood Money: Your traffic, my sites, our money.
    MojoHost: Still the best.

  • Naughty
    Confirmed User
    • Jul 2001
    • 6487

    #8
    1. This file is not even necessary to have CCBill working properly; it is just for installation purposes only, if I am not mistaken.
    2. CCBill changed the scripts for your account with md5 encoding, so this is history altogether.

    [edit: point 1.) was already in webair's post]
    seks.ai for sale - ping me

  • Naughty
    Confirmed User
    • Jul 2001
    • 6487

    #9
    Note: You do have to change/have it changed to the new scripts though, but it is very easy.
    seks.ai for sale - ping me

  • SpaceAce
    Confirmed User
    • Jul 2002
    • 6493

    #10
    Thanks for the heads-up.

    SpaceAce

  • SpaceAce
    Confirmed User
    • Jul 2002
    • 6493

    #11
    Originally posted by BradShaw:
    I am sure they are on top of it and you can expect an update soon. Damn hackers.

    Without the "damn hacker" who found this and reported it, your server might be endlessly open to anyone who wanted to play around. You should send them a basket of flowers and learn to distinguish between a hacker and a cracker.

    SpaceAce