CVE-2002-1854

Name of the Vulnerable Software and Affected Versions Rlaj whois CGI script (whois.cgi) version 1.0

Description The issue allows remote attackers to execute arbitrary commands via shell metacharacters in the domain name field. This can be done by injecting malicious input into the field, potentially leading to unauthorized access and control.

Recommendations For version 1.0, consider restricting access to the whois.cgi script until a patch is available, or apply input validation to prevent shell metacharacter injection in the domain name field.