Remote Command Execution Vulnerability in phf CGI Program by Vendor
CVE-1999-0067

Currently unrated

Key Information:

Vendor: Apache
Status: Http Server; Ncsa Httpd
Vendor: CVE Published:; 20 March 1996

Summary

The phf CGI program exposes a vulnerability that allows remote command execution through the exploitation of shell metacharacters. Attackers can manipulate the input in a way that executes arbitrary commands on the server, potentially leading to unauthorized access and system compromise. The exploitation of this vulnerability impacts the integrity and confidentiality of the affected systems.

References

http://www.securityfocus.com/bid/629

vdb-entryx_refsource_BID

http://www.osvdb.org/136

vdb-entryx_refsource_OSVDB

http://www.cert.org/advisories/CA-1996-06.html

third-party-advisoryx_refsource_CERT

EPSS Score

91% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Jun 7, 1999
Vulnerability published
Mar 20, 1996