2 matches found
Leif Wright ad.cgi file Parameter Arbitrary Command Execution
The CGI 'ad.cgi' is installed. This CGI has a well known security flaw that lets an attacker execute arbitrary commands with the privileges of the http daemon usually root or nobody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...
CVE-2001-0025
CVE-2001-0025 affects the ad.cgi CGI program by Leif Wright. The vulnerability allows remote arbitrary command execution via shell metacharacters in the file parameter, with the CGI typically running under web server privileges (often root or nobody). The issue is documented in multiple sources (...