COMMAND

    DNSTools

SYSTEMS AFFECTED

    DNSTools v1.08

PROBLEM

    Jonathan Leto found the following.  Dnstools 1.08 (available at
    http://www.dnstools.com/dnst_v1.tgz) has 18 CGI scripts with
    various functions, like AddMx and DeleteDomain, that all start off
    like this:

        #!/usr/bin/perl
        
        use CGI;
        use DBI;
        my $CGI = new CGI;
        
        ########################################################
        ### Get all of the values from the web form
        ########################################################
        
        my $host_name;
        my $domain_name;
        
        $host_name = $CGI->param("host_name");
        $domain_name = $CGI->param("domain_name");
        
        $error_description = "";
        my $error_code = system("/usr/local/dnstools/delete_mx -d \"$domain_name\" -n \"$host_name\"");

    Not a lick of input validation is done, so executing commands and
    poking around the filesystem as the webserver user is possible.
    It doesn't even vainly check the referrer.  This costs $800??

SOLUTION

    No response.
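
    An added example, not part of the original advisory or of DNSTools:
    one way to harden the call shown under PROBLEM, by checking both
    parameters against an allowlist and using list-form system() so no
    shell ever parses them.  The valid_dns_name helper and its hostname
    pattern are assumptions made for this example.

```perl
#!/usr/bin/perl
# Added example: hardened form of the delete_mx call quoted in the advisory.
use strict;
use warnings;
use CGI;

# Assumed allowlist: dot-separated letter/digit/hyphen labels, 1-63 chars
# each, no leading or trailing hyphen, 253 chars overall. Refusing a
# leading '-' also keeps a value from being read as a command-line option.
my $LABEL = qr/(?!-)[A-Za-z0-9-]{1,63}(?<!-)/;

sub valid_dns_name {
    my ($name) = @_;
    return 0 unless defined $name && length $name && length($name) <= 253;
    return $name =~ /\A$LABEL(?:\.$LABEL)*\z/ ? 1 : 0;
}

my $CGI         = CGI->new;
my $host_name   = $CGI->param("host_name");
my $domain_name = $CGI->param("domain_name");

# Reject anything that is not a plain DNS name before it gets near a
# process boundary.
unless (valid_dns_name($host_name) && valid_dns_name($domain_name)) {
    print $CGI->header(-status => '400 Bad Request', -type => 'text/plain');
    print "Invalid host_name or domain_name\n";
    exit 0;
}

# List-form system() executes the program directly, without /bin/sh.
# Each parameter arrives as exactly one argv entry, so quotes, backticks,
# ';' and '$()' inside it are never interpreted.
my $error_code = system(
    "/usr/local/dnstools/delete_mx",
    "-d", $domain_name,
    "-n", $host_name,
);
```

    The two measures are independent: the list form removes the shell
    from the path even if the pattern is later loosened, and the
    allowlist keeps malformed names out of the DNS data itself.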