A scripting vulnerability has been reported due to inadequate "sanitizing" of user input for certain Netquery v3.1 local execution operations. Additional details are provided in Secunia Product Note 5439 and in Secunia Advisory 16216
This issue has been addressed in ALL editions of Netquery v3.11 currently available from http://virtech.org/tools/ and users are strongly encouraged to update their installations to this latest version. The Netquery v3.11 bugfix is especially important for those sites where Netquery's local ping and/or local traceroute operations are enabled. For those who may prefer manual application of their own patch, user input for both of those operations is now fully "sanitized" the by using the following function:
function sanitizeSysString($string, $min = '', $max = '') { $pattern = '/(;|||`|>|<|&|^|"|'."n|r|'".'|{|}|[|]|)|()/i'; $string = preg_replace($pattern, '', $string); $string = '"'.preg_replace('/$/', '\$', $string).'"'; $len = strlen($string); if((($min != '') && ($len < $min)) || (($max != '') && ($len > $max))) return FALSE; return $string; }
Netquery links: Downloads | Manual | Live Demo | Forums
|