CyberSec.Space Logo
CVEブラウザに戻る

CVE-1999-0146

HIGH
7.5
CVSS Severity Score
EPSS Score0.0870%
EPSS Percentile0.19th
Published1997年7月15日
Last Modified2026年4月16日

Vulnerability Description

The campas CGI program provided with some NCSA web servers allows an attacker to execute arbitrary commands via encoded carriage return characters in the query string, as demonstrated by reading the password file.

Affected Platforms (CPE)

📦
Ncsa

Campas

All versions
📦
Ncsa

Servers

All versions

References & Advisories

🔗 http://www.securityfocus.com/bid/1975
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/298
🔗 http://www.securityfocus.com/bid/1975
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/298

関連する脆弱性情報

CVE-1999-020410.0

Sendmail 8.6.9 allows remote attackers to execute root commands, using ident.

CVE-1999-053910.0

A trust relationship exists between two Unix hosts.

CVE-1999-039710.0

The demo version of the Quakenbush NT Password Appraiser sends passwords across the network in plaintext.

CVE-1999-054710.0

An SSH server allows authentication through the .rhosts file.