Matt's Whois contains a flaw that may allow a malicious user to execute arbitrary commands on the server where whois.cgi is installed. The issue is triggered when a malicious user creates a specially crafted request in the Domain Entry field on the whois.cgi script. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity.
Upgrade to a version higher than 1.0, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.