Description
The campas CGI program provided with some NCSA web servers allows an attacker to execute arbitrary commands via encoded carriage return characters in the query string, as demonstrated by reading the password file.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Francisco Torres · textremotecgi
https://www.exploit-db.com/exploits/20423
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/1975
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/298
Scores
EPSS
0.1294
EPSS Percentile
94.1%
Details
Status
published
Products (2)
ncsa/campas
ncsa/servers
Published
Jul 15, 1997
Tracked Since
Feb 18, 2026