source: wwwsecurityfocuscom/bid/2000/info
Whois scripts provide InterNIC lookup services via HTTP The vulnerable scripts include versions of Matt's Whois and CGI City Whois Older versions of these fail to filter metacharacters, allowing execution of arbitrary commands by embedding the commands in the domain name to lookup Specifically, ...