Preface: Cdomain whois_raw.cgiLogo -Internet Security Systems

Cdomain whois_raw.cgi
advICE :Intrusions : 2106042
 FAQ
Oh my gosh, I'm being HACKED!!!
How do I report the hacker to my ISP?
I'm seeing lots of attacks, is this normal?

Summary

Suspicious field in CGI form.

Details

Cdomain is a commercial CGI package that provides a Web-based gateway to the Whois service. A vulnerability in the script of Freeware versions of Cdomain previous to 2.5 could allow a remote attacker to use shell metacharacters (such as &, |, or \) in the domain entry to execute arbitrary commands on the system with privileges of the Web server process. Later versions of CdomainFree, as well as all versions of CdomainPro are not vulnerable, because they connect directly to the Whois server. However, this vulnerability affects the whois_raw.cgi in versions 1.x and the cdomain.pl in versions 2.0 through 2.4.

 more information
X-Force: 2251   Cdomain whois_raw.cgi script allows remote execution of arbitrary commands
 

 parametric information
URLThe suspicious URL.
accessedIndicates whether the URL was successfully accessed.
codeThe HTTP return code.
argThe argument to the GET command (if any).

 
Version appeared: 3.5
Privacy Policy |  Copyright Info