CVE-2000-1014

Name of the Vulnerable Software and Affected Versions SCO Unixware 7

Description A format string issue exists in the search97.cgi CGI script, allowing remote attackers to execute arbitrary commands by including format characters in the queryText parameter of the "/cgi-bin/search97.cgi" API endpoint.

Recommendations For SCO Unixware 7, consider disabling the search97.cgi script until a patch is available to prevent exploitation. Restrict access to the vulnerable CGI script to minimize the risk of arbitrary command execution. Avoid using the queryText parameter in the affected API endpoint until the issue is resolved.