Avi Alkalay nslookup.cgi query Variable Arbitrary Command Execution
Remote / Network Access
Loss of Integrity
nslookup.cgi contains a flaw that may allow a malicious user to execute arbitrary commands on the server. The issue is triggered when a semi-colon is entered into the 'query' variable as a seperator for arbitrary commands.
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.