https://www.exploit-db.com/exploits/23512
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200412-426

InfoTouchSurfnetkiosk存在漏洞。本地用户可以借助CMD_CREDITCARD_CHARGE命令使Surfnet崩溃并且访问潜在的操作系统。

source: http://www.securityfocus.com/bid/9348/info

Surfnet is prone to a denial of service vulnerability via the CMD_CREDITCARD_CHARGE command. By issuing this command with malformed arguments, it is possible to crash the software. When the software crashes, it will drop the kiosk user into the underlying operating system. 

C:SurfnetWWWRootCMD_CREDITCARD_CHARGE:Charge=20

来源:BID
名称:9348
链接:http://www.securityfocus.com/bid/9348