Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-1999-0146

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-1999-0146
Last Modified 09 Sep 2008 08:33:50
Published 15 Jul 1997 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-1999-0146

Summary

The campas CGI program provided with some NCSA web servers allows an attacker to execute arbitrary commands via encoded carriage return characters in the query string, as demonstrated by reading the password file.

Vulnerable Systems

Application

  • Ncsa Campas

  • Ncsa Servers


References

XF - http-cgi-campas(298)

BID - 1975


Last Updated: 27 May 2016 10:34:50