Exploitation Summary
EIP tracks 1 public exploit for CVE-1999-0985. PoCs published by Cody T. - hhp.
AI-analyzed exploit summary The writeup describes a command injection vulnerability in older versions of Whois scripts (Matt's Whois and CGI City Whois) due to improper filtering of metacharacters like ';'. This allows arbitrary command execution with web server privileges.
Description
CC Whois program whois.cgi allows remote attackers to execute commands via shell metacharacters in the domain entry.
Exploits (1)
The writeup describes a command injection vulnerability in older versions of Whois scripts (Matt's Whois and CGI City Whois) due to improper filtering of metacharacters like ';'. This allows arbitrary command execution with web server privileges.