← CVECheck
HomeVulnerabilities

CVE-1999-0146 — HIGH severity vulnerability (The campas CGI program provided with some NCSA web servers a)

The campas CGI program provided with some NCSA web servers allows an attacker to execute arbitrary commands via encoded carriage return characters in the query string, as demonstrated by reading the password file.

CVE IDCVE-1999-0146
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published1997-07-15
Last modified2026-04-16
DescriptionThe campas CGI program provided with some NCSA web servers allows an attacker to execute arbitrary commands via encoded carriage return characters in the query string, as demonstrated by reading the password file.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →