{"vuid":"VU#318835","idnumber":"318835","name":"Mike Spice's Quiz Me! does not adequately validate user input","keywords":["Mike Spice","Quiz Me!","CGI script","input validation","dot-dot"],"overview":"Mike Spice's Quiz Me! does not adequately validate user input, allowing directory traversal. As a result, an attacker can cause Quiz Me! to overwrite any file on the server to which the web server process has write privileges.","clean_desc":"Mike Spice's Quiz Me! is a CGI script written in Perl, enabling webmasters to publish interactive quizzes on their sites. The CGI variable 'quiz' is passed by Quiz Me! to Perl's open() function, without adequate validation to filter '../' sequences and null bytes. As a result, an attacker can cause Quiz Me! to traverse directories and overwrite any file on the server to which the web server process has write privileges.","impact":"Remote attackers can overwrite files on the server.","resolution":"Upgrade Upgrade to version 0.6 or later of Quiz Me!: http://www.fuzzymonkey.org/files/quiz-0.6.zip","workarounds":"","sysaffected":"","thanks":"Thanks to Mike Spice for reporting this vulnerability.","author":"This document was written by Shawn Van Ittersum.","public":["http://online.securityfocus.com/bid/3857","http://freshmeat.net/projects/quizme!/","http://freshmeat.net/~mikespice/"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2002-01-17T17:36:51Z","publicdate":"2002-01-10T00:00:00Z","datefirstpublished":"2002-09-18T14:08:52Z","dateupdated":"2002-09-18T14:08:58Z","revision":6,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"4","cam_population":"4","cam_impact":"8","cam_easeofexploitation":"15","cam_attackeraccessrequired":"20","cam_scorecurrent":"3.42","cam_scorecurrentwidelyknown":"4.32","cam_scorecurrentwidelyknownexploited":"7.92","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":3.42,"vulnote":null}