cnvd - cnvd-2018-16264

cnvd-2018-16264

Vulnerability from cnvd

Title: Nikto CSV注入漏洞（CNVD-2018-16264）

Description:

Nikto是一款开源的(GPL)网页服务器扫描器，它可以对网页服务器进行全面的多种扫描，包含超过3300种有潜在危险的文件/CGIs；超过625 种服务器版本；超过230种特定服务器问题。扫描项和插件可以自动更新(如果需要)。基于Whisker/libwhisker完成其底层功能。

Nikto 2.1.6及之前版本中存在CSV注入漏洞。远程攻击者可借助HTTP响应包头中的Server字段利用该漏洞注入任意系统命令。

Severity: 高

Formal description:

厂商尚未提供漏洞修复方案，请关注厂商主页更新: https://cirt.net/Nikto2

Reference: https://nvd.nist.gov/vuln/detail/CVE-2018-11652

Impacted products

Name
cirt.net Nikto <=2.1.6

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-11652"
    }
  },
  "description": "Nikto\u662f\u4e00\u6b3e\u5f00\u6e90\u7684(GPL)\u7f51\u9875\u670d\u52a1\u5668\u626b\u63cf\u5668\uff0c\u5b83\u53ef\u4ee5\u5bf9\u7f51\u9875\u670d\u52a1\u5668\u8fdb\u884c\u5168\u9762\u7684\u591a\u79cd\u626b\u63cf\uff0c\u5305\u542b\u8d85\u8fc73300\u79cd\u6709\u6f5c\u5728\u5371\u9669\u7684\u6587\u4ef6/CGIs\uff1b\u8d85\u8fc7625 \u79cd\u670d\u52a1\u5668\u7248\u672c\uff1b\u8d85\u8fc7230\u79cd\u7279\u5b9a\u670d\u52a1\u5668\u95ee\u9898\u3002\u626b\u63cf\u9879\u548c\u63d2\u4ef6\u53ef\u4ee5\u81ea\u52a8\u66f4\u65b0(\u5982\u679c\u9700\u8981)\u3002\u57fa\u4e8eWhisker/libwhisker\u5b8c\u6210\u5176\u5e95\u5c42\u529f\u80fd\u3002\r\n\r\nNikto 2.1.6\u53ca\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728CSV\u6ce8\u5165\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u501f\u52a9HTTP\u54cd\u5e94\u5305\u5934\u4e2d\u7684Server\u5b57\u6bb5\u5229\u7528\u8be5\u6f0f\u6d1e\u6ce8\u5165\u4efb\u610f\u7cfb\u7edf\u547d\u4ee4\u3002",
  "discovererName": "unknwon",
  "formalWay": "\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u590d\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u66f4\u65b0:\r\nhttps://cirt.net/Nikto2",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-16264",
  "openTime": "2018-08-27",
  "products": {
    "product": "cirt.net Nikto \u003c=2.1.6"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2018-11652",
  "serverity": "\u9ad8",
  "submitTime": "2018-06-28",
  "title": "Nikto CSV\u6ce8\u5165\u6f0f\u6d1e\uff08CNVD-2018-16264\uff09"
}

CVE-2018-11652 (GCVE-0-2018-11652)

Vulnerability from cvelistv5

Published

2018-06-01 15:00

Modified

2024-08-05 08:17

Severity ?

CWE

Summary

CSV Injection vulnerability in Nikto 2.1.6 and earlier allows remote attackers to inject arbitrary OS commands via the Server field in an HTTP response header, which is directly injected into a CSV report.

References

▼	URL	Tags
	https://github.com/sullo/nikto/commit/e759b3300aace5314fe3d30800c8bd83c81c29f7	x_refsource_MISC
	https://www.exploit-db.com/exploits/44899/	exploit, x_refsource_EXPLOIT-DB

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T08:17:07.764Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/sullo/nikto/commit/e759b3300aace5314fe3d30800c8bd83c81c29f7"
          },
          {
            "name": "44899",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/44899/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-06-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "CSV Injection vulnerability in Nikto 2.1.6 and earlier allows remote attackers to inject arbitrary OS commands via the Server field in an HTTP response header, which is directly injected into a CSV report."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-20T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/sullo/nikto/commit/e759b3300aace5314fe3d30800c8bd83c81c29f7"
        },
        {
          "name": "44899",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/44899/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-11652",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "CSV Injection vulnerability in Nikto 2.1.6 and earlier allows remote attackers to inject arbitrary OS commands via the Server field in an HTTP response header, which is directly injected into a CSV report."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/sullo/nikto/commit/e759b3300aace5314fe3d30800c8bd83c81c29f7",
              "refsource": "MISC",
              "url": "https://github.com/sullo/nikto/commit/e759b3300aace5314fe3d30800c8bd83c81c29f7"
            },
            {
              "name": "44899",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/44899/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-11652",
    "datePublished": "2018-06-01T15:00:00",
    "dateReserved": "2018-06-01T00:00:00",
    "dateUpdated": "2024-08-05T08:17:07.764Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted