Intrusion Prevention

CGI.SiteInteractive.Setup.PL.Arbitrary.Command.Execution

Description

It indicates a malicious attacker attempted to execute unauthorized remote commands against SiteInteractive. SiteInteractive Subscribe Me setup.pl script does properly sanitize user supplied URI input. An attacker can invoke this script and use the URI paramters to create a file on the system. The attacker can then execute that file to have arbitrary Perl code run on the system.

Affected Products

SiteInteractive Subscribe Me Pro and SiteInteractive Subscribe Me Enterprise

Impact

Compromise of the affected system.

Recommended Actions

Apply appropriate patch from the vendor or Upgrade to non-vulnerable version if available.