{"vuid":"VU#453475","idnumber":"453475","name":"PGPMail.pl does not adequately validate user input thereby allowing arbitrary command execution","keywords":["PGPMail.pl","user input","open()","arbitrary command execution","FormMail.pl","Matt Wright"],"overview":"PGPMail.pl does not adequately filter user input, allowing arbitrary command execution.","clean_desc":"PGPMail.pl is an adaptation of the FormMail.pl CGI script, enhanced to use PGP encryption. PGPMail.pl does not adequately filter the \"recipient\" and \"pgpuserid\" CGI variables before passing them to piped Perl open() function calls, inevoking shells. As a result, attackers may execute arbitrary commands on the server with privileges of the web server process.","impact":"Remote attackers can execute arbitrary commands on the server with privileges of the web server process.","resolution":"The CERT/CC is currently unaware of a practical solution to this problem.","workarounds":"","sysaffected":"","thanks":"Thanks to John Scimone for reporting this vulnerability.","author":"This document was written by Shawn Van Ittersum.","public":["h","t","t","p",":","/","/","w","w","w",".","v","e","n","t","u","r","a","b","l","v","d",".","c","o","m","/","p","g","p","m","a","i","l","/"],"cveids":["CVE-2001-0937"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2001-11-30T15:15:56Z","publicdate":"2001-11-29T00:00:00Z","datefirstpublished":"2002-09-27T16:07:32Z","dateupdated":"2003-04-15T14:29:23Z","revision":6,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"4","cam_population":"4","cam_impact":"10","cam_easeofexploitation":"15","cam_attackeraccessrequired":"20","cam_scorecurrent":"4.275","cam_scorecurrentwidelyknown":"5.4","cam_scorecurrentwidelyknownexploited":"9.9","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":4.275,"vulnote":null}