Originally Published: Friday, 10 December 1999 Author: Quentin Cregan
Published to: news_enhance_security/Security News Page: 1/1 - [Printable]

Whois.cgi - ADVISORY.

"These versions allow execution of commands due to lack of shell escape character parsing if the domain entries consist of one of the following strings..." Versions include: Internic Whois Lookup v1.0, CC Whois v1.0, Matt's whois v1