Excite for Web Servers 1.1 Command...

- AV AC AU C I A
发布: 1998-01-16
修订: 2020-04-23

Excite for Web Servers, version 1.1, for Unix and Windows NT platforms, is a search engine software suite. A vulnerability in one of the scripts, architext_query.pl, allows a remote attacker to execute arbitrary commands with the privileges of the web server. Specific details of how this can be accomplished are not currently known by SecurityFocus staff, although it has been suggested that this is a shell metacharacter (eg., the pipe character) filtering issue (see CVE). Consequences of successful exploitation could include web site defacement, elevation of privileges by exploiting locally accessible vulnerabilities, etc.

0%
暂无可用Exp或PoC
产品及版本信息(CPE)暂不可用