All versions of Sambar server running under Windows NT and 2000 (95/98 not vulnerable) have vulnerabilities which allow remote command execution.
PRODUCT
-------
The Sambar Server is a multi-threaded HTTP, FTP and
Proxy server for Windows NT and Windows 95.
AFFECTED VERSIONS
-----------------
All versions of Sambar server running under Windows NT 4.0 and
Windows 2000. Windows 98 version is vulnerable.
VULNERABILITY DESCRIPTION
-------------------------
The default installation of Sambar server puts two .BAT files,
ECHO.BAT and HELLO.BAT, into the server's /CGI-BIN/ directory.
These are simple files with just one "echo" command in them.
However, under Windows NT these files can cause a lot of trouble.
The problem IMHO lies in CMD.EXE; an example follows:
https://yourdomain/cgi-bin/hello.bat?&dir+c:\
You'll see a nice listing of your C: drive :-))
Sambar server runs with Administrator privileges under NT, so
even if you use NTFS you will still be affected.
SOLUTION
--------
Delete any .BAT files in the /CGI-BIN/ directory of your Sambar server.
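
To check whether the batch files were already requested this way, the access log can be scanned for .BAT/.CMD requests under /cgi-bin/ whose query string carries CMD.EXE metacharacters. This is an added example, not part of the original advisory: it assumes an NCSA common-log-style access log, the function names are hypothetical, and the sample lines are constructed.

```python
import re
from urllib.parse import unquote, urlsplit

# Request line inside an NCSA common-log entry (assumed log format).
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+)(?: HTTP/[\d.]+)?"')
# Characters CMD.EXE treats as command separators, redirection or escapes.
CMD_META = set("&|<>^")

def suspicious_batch_request(log_line):
    """Return the decoded query string if the line requests a .bat/.cmd
    script under /cgi-bin/ with CMD.EXE metacharacters in it, else None."""
    m = REQUEST_RE.search(log_line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    # Windows paths are case-insensitive, so compare in lower case.
    path = unquote(parts.path).lower().replace("\\", "/")
    if "/cgi-bin/" not in path or not path.endswith((".bat", ".cmd")):
        return None
    # Decode twice (conservative) so percent-encoded separators are caught.
    query = unquote(unquote(parts.query))
    return query if CMD_META & set(query) else None

def scan(lines):
    """Return (line number, decoded query) for every suspicious entry."""
    return [(n, q) for n, line in enumerate(lines, 1)
            if (q := suspicious_batch_request(line)) is not None]

# Constructed sample log lines (not taken from a real server).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2000:10:00:00 +0000] "GET /index.htm HTTP/1.0" 200 1043',
    '192.0.2.11 - - [01/Jan/2000:10:00:05 +0000] "GET /cgi-bin/hello.bat HTTP/1.0" 200 12',
    '192.0.2.12 - - [01/Jan/2000:10:00:09 +0000] "GET /cgi-bin/hello.bat?&dir+c:\\ HTTP/1.0" 200 2211',
    '192.0.2.13 - - [01/Jan/2000:10:00:14 +0000] "GET /CGI-BIN/ECHO.BAT?%26dir+c:%5C HTTP/1.0" 200 80',
    '192.0.2.14 - - [01/Jan/2000:10:00:20 +0000] "GET /cgi-bin/search.exe?q=a&b=c HTTP/1.0" 200 512',
]

if __name__ == "__main__":
    for lineno, query in scan(SAMPLE_LOG):
        print(f"line {lineno}: batch CGI request with shell metacharacters: {query!r}")
```

A plain request for hello.bat with no query string is not flagged here, but the file should still be deleted as described above.
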
CREDIT
------
This bug was discovered by Georich Chorbadzhiyski and Nikolay Tsvetkov.