CVE-1999-0509
published 1996-05-29CVE-1999-0509: Perl, sh, csh, or other shell interpreters are installed in the cgi-bin directory on a WWW site, which allows remote attackers to execute arbitrary commands.
PriorityP345critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
33.39%
98.2th percentile
Perl, sh, csh, or other shell interpreters are installed in the cgi-bin directory on a WWW site, which allows remote attackers to execute arbitrary commands.
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
CGI Interpreter code injection (Nessus ID 10173 / ID 10208)
vuldb·2026-04-16·CVSS 10.0
CVE-1999-0509 [CRITICAL] CGI Interpreter code injection (Nessus ID 10173 / ID 10208)
A vulnerability, which was classified as critical, has been found in CGI Interpreter. The impacted element is an unknown function. This manipulation causes code injection.
This vulnerability is registered as CVE-1999-0509. Remote exploitation of the attack is possible. No exploit is available. Due to its background and reception, this vulnerability has an historic impact.
It is recommended to replace the affected component with an alternative.
GHSA
GHSA-fr45-fgh4-2qmm: Perl, sh, csh, or other shell interpreters are installed in the cgi-bin directory on a WWW site, which allows remote attackers to execute arbitrary co
ghsa_unreviewed·2022-04-30
CVE-1999-0509 [HIGH] CWE-94 GHSA-fr45-fgh4-2qmm: Perl, sh, csh, or other shell interpreters are installed in the cgi-bin directory on a WWW site, which allows remote attackers to execute arbitrary co
Perl, sh, csh, or other shell interpreters are installed in the cgi-bin directory on a WWW site, which allows remote attackers to execute arbitrary commands.
Suricata
GPL WEB_SERVER perl command attempt
suricata·2010-09-23
CVE-1999-0509 GPL WEB_SERVER perl command attempt
GPL WEB_SERVER perl command attempt
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"GPL WEB_SERVER perl command attempt"; flow:established,to_server; http.uri; content:"/perl?"; nocase; reference:arachnids,219; reference:cve,1999-0509; reference:nessus,10173; reference:url,www.cert.org/advisories/CA-1996-11.html; classtype:attempted-recon; sid:2101649; rev:12; metadata:created_at 2010_09_23, cve CVE_1999_0509, signature_severity Unknown, updated_at 2024_03_08;)
No public exploits indexed.
No writeups or analysis indexed.
1996-05-29
Published