This script is Copyright (C) 2000-2011 Tenable Network Security, Inc.
The remote web server hosts a CGI script that allows execution of
The version of the KW whois CGI script installed on the remote web
server fails to filter input to the 'whois' parameter of shell
metacharacters. An unauthenticated, remote attacker can leverage this
issue to execute arbitrary commands with the privileges of the http
See also :
Unknown at this time.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 7.1
Public Exploit Available : true