The campas CGI program provided with some NCSA web servers allows an attacker to execute arbitrary commands via encoded carriage return characters in the query string, as demonstrated by reading the password file.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 1999-09-29T04:00:00
Updated: 2024-08-01T16:27:57.934Z
Reserved: 1999-06-07T00:00:00
Link: CVE-1999-0146
Vulnrichment
No data.
NVD
Status : Modified
Published: 1997-07-15T04:00:00.000
Modified: 2024-11-20T23:27:58.453
Link: CVE-1999-0146
Redhat
No data.