{"vuid":"VU#250107","idnumber":"250107","name":"Mike Spice's Vote does not adequately validate user input","keywords":["Mike Spice","Vote","CGI script","input validation"],"overview":"Mike Spice's Vote does not adequately validate user input, allowing directory traversal. As a result, an attacker can cause Vote to overwrite any file on the server to which the web server process has write privileges.","clean_desc":"Mike Spice's Vote is a CGI script written in Perl and designed to add polling capabilities to web sites. The CGI variable 'type' is passed by Vote to Perl's open() function, without adequate validation to filter '../' sequences and null bytes. As a result, an attacker can cause Vote to traverse directories and overwrite any file on the server to which the web server process has write privileges.","impact":"Remote attackers can overwrite files on the server.","resolution":"Upgrade Upgrade to version 1.3 or later of Vote: http://www.fuzzymonkey.org/files/vote-1.3.zip","workarounds":"","sysaffected":"","thanks":"Thanks to Mike Spice for reporting this vulnerability.","author":"This document was written by Shawn Van Ittersum.","public":["http://www.securityfocus.com/bid/3854","http://freshmeat.net/projects/mikessurveycgi/","http://freshmeat.net/~mikespice/"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2002-01-17T17:33:50Z","publicdate":"2002-01-09T00:00:00Z","datefirstpublished":"2002-09-18T14:10:12Z","dateupdated":"2002-09-18T14:10:16Z","revision":4,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"4","cam_population":"4","cam_impact":"8","cam_easeofexploitation":"15","cam_attackeraccessrequired":"20","cam_scorecurrent":"3.42","cam_scorecurrentwidelyknown":"4.32","cam_scorecurrentwidelyknownexploited":"7.92","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":3.42,"vulnote":null}