Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-1999-0146


Vulnerability Score 7.5 7.5
CVE Id CVE-1999-0146
Last Modified 09 Sep 2008 08:33:50
Published 15 Jul 1997 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



The campas CGI program provided with some NCSA web servers allows an attacker to execute arbitrary commands via encoded carriage return characters in the query string, as demonstrated by reading the password file.

Vulnerable Systems


  • Ncsa Campas

  • Ncsa Servers


XF - http-cgi-campas(298)

BID - 1975

Last Updated: 27 May 2016 10:34:50