Bugtraq mailing list archives
infosrch.cgi 'interactive' shell
From: rpc () INETARENA COM (rpc)
Date: Tue, 23 May 2000 15:11:37 -0700
Hello All, SGI's security advisory regarding infosrch.cgi minimizes the actual vulnerability. Not only does it allow you to view any file on the system, an attacker can easily run arbitrary commands. Attached is a simple perl script that demonstrates this. --rpc <h () ckz org> <HR NOSHADE> <UL> <LI>TEXT/PLAIN attachment: infosh.pl </UL>
Current thread:
- infosrch.cgi 'interactive' shell rpc (May 23)