National Cyber Warfare Foundation (NCWF)

CVE-1999-0509
0 user ratings		2000-01-14 00:00:00
milo
CVEs
 - archive -- 

CVE-1999-0509

Date: 2000-01-14

Perl, sh, csh, or other shell interpreters are installed in the cgi-bin directory on a WWW site, which allows remote attackers to execute arbitrary commands.



References:

Christey: What is the right level of abstraction to use here? Should we combine all possible interpreters into a single entry, or have a different entry for each one? I've often seen Perl separated from other interpreters - is it included by default in some Windows web server configurations

Christey: Add tcsh, zsh, bash, rksh, ksh, ash, to support search

Frech: XF:http-cgi-vuln(146


Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
CVEs


Copyright 2012 through 2025 - National Cyber Warfare Foundation - All rights reserved worldwide.