| Field | Value |
|---|---|
| VID | 21161 |
| Severity | 40 |
| Port | 80, ... |
| Protocol | TCP |
| Class | CGI |
| Detailed Description | The KW whois CGI is installed. KW (Kootenay Web) Whois version 1.0 fails to strip shell metacharacters from data passed by remote clients to the 'whois' parameter. A remote attacker can submit a specially-crafted request to the CGI script to execute arbitrary commands with the privileges of the HTTP daemon (root or nobody). |
| Recommendation | Remove it from /cgi-bin, or upgrade to the latest version of KW Whois (1.1 or later), available from the KW Whois site. See References. |
| Related URL | CVE-2000-0941 (CVE) |
| Related URL | (SecurityFocus) |
| Related URL | 5438 (ISS) |