Blahz-DNS 0.2 and earlier allows remote attackers to bypass authentication and modify configuration by directly requesting CGI programs such as dostuff.php instead of going through the login screen.
http://www.iss.net/security_center/static/8951.php
http://sourceforge.net/project/shownotes.php?release_id=87004
http://archives.neohapsis.com/archives/bugtraq/2002-04/0395.html