cvelistv5 - cve-1999-0067

cve-1999-0067

Vulnerability from cvelistv5

Published

1999-09-29 04:00

Modified

2024-08-01 16:27

Severity ?

Summary

phf CGI program allows remote command execution through shell metacharacters.

References

URL	Tags
cve@mitre.org	http://www.cert.org/advisories/CA-1996-06.html	Third Party Advisory, US Government Resource
cve@mitre.org	http://www.osvdb.org/136	Broken Link
cve@mitre.org	http://www.securityfocus.com/bid/629	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.cert.org/advisories/CA-1996-06.html	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/136	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/629	Broken Link, Third Party Advisory, VDB Entry

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T16:27:57.471Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "629",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/629"
          },
          {
            "name": "136",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/136"
          },
          {
            "name": "CA-1996-06",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.cert.org/advisories/CA-1996-06.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "phf CGI program allows remote command execution through shell metacharacters."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2004-09-02T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "629",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/629"
        },
        {
          "name": "136",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/136"
        },
        {
          "name": "CA-1996-06",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.cert.org/advisories/CA-1996-06.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-1999-0067",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "phf CGI program allows remote command execution through shell metacharacters."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "629",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/629"
            },
            {
              "name": "136",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/136"
            },
            {
              "name": "CA-1996-06",
              "refsource": "CERT",
              "url": "http://www.cert.org/advisories/CA-1996-06.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-1999-0067",
    "datePublished": "1999-09-29T04:00:00",
    "dateReserved": "1999-06-07T00:00:00",
    "dateUpdated": "2024-08-01T16:27:57.471Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:1.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B5EA86B9-4F86-4ADA-BC6A-4F6E261848F6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ncsa:ncsa_httpd:1.5a:*:export:*:*:*:*:*\", \"matchCriteriaId\": \"7D7735EC-8C34-4C2B-B8CC-154182D070C2\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"phf CGI program allows remote command execution through shell metacharacters.\"}]",
      "id": "CVE-1999-0067",
      "lastModified": "2024-11-20T23:27:45.950",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 10.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": true, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "1996-03-20T05:00:00.000",
      "references": "[{\"url\": \"http://www.cert.org/advisories/CA-1996-06.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://www.osvdb.org/136\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.securityfocus.com/bid/629\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.cert.org/advisories/CA-1996-06.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://www.osvdb.org/136\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.securityfocus.com/bid/629\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-78\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-1999-0067\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"1996-03-20T05:00:00.000\",\"lastModified\":\"2024-11-20T23:27:45.950\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"phf CGI program allows remote command execution through shell metacharacters.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:1.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5EA86B9-4F86-4ADA-BC6A-4F6E261848F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ncsa:ncsa_httpd:1.5a:*:export:*:*:*:*:*\",\"matchCriteriaId\":\"7D7735EC-8C34-4C2B-B8CC-154182D070C2\"}]}]}],\"references\":[{\"url\":\"http://www.cert.org/advisories/CA-1996-06.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.osvdb.org/136\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/bid/629\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.cert.org/advisories/CA-1996-06.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.osvdb.org/136\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/bid/629\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]}]}}"
  }
}

gsd-1999-0067

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

phf CGI program allows remote command execution through shell metacharacters.

Aliases

CVE-1999-0067

Aliases

CVE-1999-0067

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-1999-0067",
    "description": "phf CGI program allows remote command execution through shell metacharacters.",
    "id": "GSD-1999-0067"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-1999-0067"
      ],
      "details": "phf CGI program allows remote command execution through shell metacharacters.",
      "id": "GSD-1999-0067",
      "modified": "2023-12-13T01:22:57.546574Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-1999-0067",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "phf CGI program allows remote command execution through shell metacharacters."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "629",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/629"
          },
          {
            "name": "136",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/136"
          },
          {
            "name": "CA-1996-06",
            "refsource": "CERT",
            "url": "http://www.cert.org/advisories/CA-1996-06.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:apache:http_server:1.0.3:*:*:*:*:*:*:*",
                    "matchCriteriaId": "B5EA86B9-4F86-4ADA-BC6A-4F6E261848F6",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:ncsa:ncsa_httpd:1.5a:*:export:*:*:*:*:*",
                    "matchCriteriaId": "7D7735EC-8C34-4C2B-B8CC-154182D070C2",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "phf CGI program allows remote command execution through shell metacharacters."
          }
        ],
        "id": "CVE-1999-0067",
        "lastModified": "2024-01-26T20:00:52.747",
        "metrics": {
          "cvssMetricV2": [
            {
              "acInsufInfo": false,
              "baseSeverity": "HIGH",
              "cvssData": {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "integrityImpact": "COMPLETE",
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              "exploitabilityScore": 10.0,
              "impactScore": 10.0,
              "obtainAllPrivilege": true,
              "obtainOtherPrivilege": false,
              "obtainUserPrivilege": false,
              "source": "nvd@nist.gov",
              "type": "Primary",
              "userInteractionRequired": false
            }
          ]
        },
        "published": "1996-03-20T05:00:00.000",
        "references": [
          {
            "source": "cve@mitre.org",
            "tags": [
              "Third Party Advisory",
              "US Government Resource"
            ],
            "url": "http://www.cert.org/advisories/CA-1996-06.html"
          },
          {
            "source": "cve@mitre.org",
            "tags": [
              "Broken Link"
            ],
            "url": "http://www.osvdb.org/136"
          },
          {
            "source": "cve@mitre.org",
            "tags": [
              "Broken Link",
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "http://www.securityfocus.com/bid/629"
          }
        ],
        "sourceIdentifier": "cve@mitre.org",
        "vulnStatus": "Analyzed",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-78"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          }
        ]
      }
    }
  }
}

phf CGI program allows remote command execution through shell metacharacters. This document describes a vulnerability in a CGI script known as phf which was widely exploited in 1996 and 1997. A vulnerability exists in the sample cgi bin program, phf, which is included with NCSA httpd, and Apache 1.0.3, an NCSA derivitive. By supplying certain characters that have special meaning to the shell, arbitrary commands can be executed by remote users under whatever user the httpd is run as. The phf program, and possibly other programs, call the escape_shell_cmd() function. This subroutine is intended to strip dangerous characters out prior to passing these strings along to shell based library calls, such as popen() or system(). By failing to capture certain characters, however, it becomes possible to execute commands from these calls. Versions below each of the vulnerable webservers are assumed to be vulnerable to exploitation via the phf example code

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-199603-0003",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "http server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apache",
        "version": "1.0.3"
      },
      {
        "model": "httpd",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ncsa",
        "version": "1.5a"
      },
      {
        "model": "httpd a-export",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ncsa",
        "version": "1.5"
      },
      {
        "model": "apache",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apache",
        "version": "1.0.3"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "629"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-199603-002"
      },
      {
        "db": "NVD",
        "id": "CVE-1999-0067"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:ncsa:ncsa_httpd:1.5a:*:export:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:http_server:1.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-1999-0067"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "This bug was first made public by the IBM ERS Team. However, the bug was reported to them by Jennifer Myers early in 1996. Previous to that the exploit had been in wide distribution circles among hackers. The actual release date of the IBM ERS Advisory (E",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-199603-002"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-1999-0067",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": true,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULMON",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CVE-1999-0067",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "HIGH",
            "trust": 0.1,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-1999-0067",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#20276",
            "trust": 0.8,
            "value": "60.48"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-199603-002",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULMON",
            "id": "CVE-1999-0067",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#20276"
      },
      {
        "db": "VULMON",
        "id": "CVE-1999-0067"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-199603-002"
      },
      {
        "db": "NVD",
        "id": "CVE-1999-0067"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "phf CGI program allows remote command execution through shell metacharacters. This document describes a vulnerability in a CGI script known as phf which was widely exploited in 1996 and 1997. A vulnerability exists in the sample cgi bin program, phf, which is included with NCSA httpd, and Apache 1.0.3, an NCSA derivitive. By supplying certain characters that have special meaning to the shell, arbitrary commands can be executed by remote users under whatever user the httpd is run as. \nThe phf program, and possibly other programs, call the escape_shell_cmd() function. This subroutine is intended to strip dangerous characters out prior  to passing these strings along to shell based library calls, such as popen() or system(). By failing to capture certain characters, however, it becomes  possible to execute commands from these calls. \nVersions below each of the vulnerable webservers are assumed to be vulnerable to exploitation via  the phf example code",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-1999-0067"
      },
      {
        "db": "CERT/CC",
        "id": "VU#20276"
      },
      {
        "db": "BID",
        "id": "629"
      },
      {
        "db": "VULMON",
        "id": "CVE-1999-0067"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "629",
        "trust": 2.0
      },
      {
        "db": "OSVDB",
        "id": "136",
        "trust": 1.7
      },
      {
        "db": "NVD",
        "id": "CVE-1999-0067",
        "trust": 1.7
      },
      {
        "db": "CERT/CC",
        "id": "VU#20276",
        "trust": 0.9
      },
      {
        "db": "CERT/CC",
        "id": "CA-1996-06",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-199603-002",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-1999-0067",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#20276"
      },
      {
        "db": "VULMON",
        "id": "CVE-1999-0067"
      },
      {
        "db": "BID",
        "id": "629"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-199603-002"
      },
      {
        "db": "NVD",
        "id": "CVE-1999-0067"
      }
    ]
  },
  "id": "VAR-199603-0003",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.33333334
  },
  "last_update_date": "2024-01-29T19:09:17.931000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "stixify-core",
        "trust": 0.1,
        "url": "https://github.com/signalscorps/stixify-core "
      },
      {
        "title": "obstracts-core",
        "trust": 0.1,
        "url": "https://github.com/signalscorps/obstracts-core "
      },
      {
        "title": "Common-Vulnerabilities-Exposures",
        "trust": 0.1,
        "url": "https://github.com/lauravoicu/common-vulnerabilities-exposures "
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/lauravoicu/vulnerabilities "
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-1999-0067"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-78",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-1999-0067"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.cert.org/advisories/ca-1996-06.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/629"
      },
      {
        "trust": 1.7,
        "url": "http://www.osvdb.org/136"
      },
      {
        "trust": 0.8,
        "url": "http://www.ers.ibm.com/tech-info/advisories/sva/1996/ers-sva-e01-1996:002.1.txt"
      },
      {
        "trust": 0.8,
        "url": "http://www.ers.ibm.com/tech-info/advisories/sva/1996/ers-sva-e01-1996:002.2.txt"
      },
      {
        "trust": 0.8,
        "url": "ftp://ftp.auscert.org.au/pub/auscert/advisory/aa-96.01.vulnerability.in.ncsa.apache.cgi.example.cod"
      },
      {
        "trust": 0.8,
        "url": " ftp://info.cert.org/pub/cert_advisories/ca-96.06.cgi_example_code"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/.html"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/signalscorps/stixify-core"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://www.kb.cert.org/vuls/id/20276"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#20276"
      },
      {
        "db": "VULMON",
        "id": "CVE-1999-0067"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-199603-002"
      },
      {
        "db": "NVD",
        "id": "CVE-1999-0067"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#20276"
      },
      {
        "db": "VULMON",
        "id": "CVE-1999-0067"
      },
      {
        "db": "BID",
        "id": "629"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-199603-002"
      },
      {
        "db": "NVD",
        "id": "CVE-1999-0067"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2001-01-28T00:00:00",
        "db": "CERT/CC",
        "id": "VU#20276"
      },
      {
        "date": "1996-03-20T00:00:00",
        "db": "VULMON",
        "id": "CVE-1999-0067"
      },
      {
        "date": "1996-03-20T00:00:00",
        "db": "BID",
        "id": "629"
      },
      {
        "date": "1996-03-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-199603-002"
      },
      {
        "date": "1996-03-20T05:00:00",
        "db": "NVD",
        "id": "CVE-1999-0067"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2006-04-17T00:00:00",
        "db": "CERT/CC",
        "id": "VU#20276"
      },
      {
        "date": "2008-09-09T00:00:00",
        "db": "VULMON",
        "id": "CVE-1999-0067"
      },
      {
        "date": "1996-03-20T00:00:00",
        "db": "BID",
        "id": "629"
      },
      {
        "date": "2007-02-08T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-199603-002"
      },
      {
        "date": "2024-01-26T20:00:52.747000",
        "db": "NVD",
        "id": "CVE-1999-0067"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-199603-002"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "phf Remote Command Execution Vulnerability",
    "sources": [
      {
        "db": "BID",
        "id": "629"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-199603-002"
      }
    ],
    "trust": 0.9
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-199603-002"
      }
    ],
    "trust": 0.6
  }
}

cve-1999-0067

Vulnerability from fkie_nvd

Published

1996-03-20 05:00

Modified

2024-11-20 23:27

Severity ?

Summary

phf CGI program allows remote command execution through shell metacharacters.

References

URL	Tags
cve@mitre.org	http://www.cert.org/advisories/CA-1996-06.html	Third Party Advisory, US Government Resource
cve@mitre.org	http://www.osvdb.org/136	Broken Link
cve@mitre.org	http://www.securityfocus.com/bid/629	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.cert.org/advisories/CA-1996-06.html	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/136	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/629	Broken Link, Third Party Advisory, VDB Entry

Impacted products

	Vendor	Product	Version
	apache	http_server	1.0.3
	ncsa	ncsa_httpd	1.5a

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apache:http_server:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5EA86B9-4F86-4ADA-BC6A-4F6E261848F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ncsa:ncsa_httpd:1.5a:*:export:*:*:*:*:*",
              "matchCriteriaId": "7D7735EC-8C34-4C2B-B8CC-154182D070C2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "phf CGI program allows remote command execution through shell metacharacters."
    }
  ],
  "id": "CVE-1999-0067",
  "lastModified": "2024-11-20T23:27:45.950",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "1996-03-20T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.cert.org/advisories/CA-1996-06.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.osvdb.org/136"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/629"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.cert.org/advisories/CA-1996-06.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.osvdb.org/136"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/629"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-1999-0067

Vulnerability from cvelistv5

gsd-1999-0067

Vulnerability from gsd

var-199603-0003

Vulnerability from variot

cve-1999-0067

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature