CGI abuses : HappyMall Command Execution

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.11602

Category: CGI abuses

Title: HappyMall Command Execution

Summary: NOSUMMARY

Description: Description:

The remote host is running the HappyMall E-Commerce CGI suite.

There is a flaw in this suite which allows an attacker to execute
arbitrary commands with the privileges of the HTTP daemon (typically
root or nobody), by making a request like :
/shop/normal_html.cgi?file= pipe symbol id pipe symbol

Solution : Upgrade to the newest version of this CGI
Risk factor : High

Cross-Ref: BugTraq ID: 7529
BugTraq ID: 7530
Common Vulnerability Exposure (CVE) ID: CVE-2003-0243
http://securitytracker.com/id?1006707
http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0058.html

Copyright This script is Copyright (C) 2003 Renaud Deraison

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.11602
Category:	CGI abuses
Title:	HappyMall Command Execution
Summary:	NOSUMMARY
Description:	Description: The remote host is running the HappyMall E-Commerce CGI suite. There is a flaw in this suite which allows an attacker to execute arbitrary commands with the privileges of the HTTP daemon (typically root or nobody), by making a request like : /shop/normal_html.cgi?file= pipe symbol id pipe symbol Solution : Upgrade to the newest version of this CGI Risk factor : High
Cross-Ref:	BugTraq ID: 7529 BugTraq ID: 7530 Common Vulnerability Exposure (CVE) ID: CVE-2003-0243 http://securitytracker.com/id?1006707 http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0058.html
Copyright	This script is Copyright (C) 2003 Renaud Deraison