COMMAND    /var/www/cgi-bin/pfdispaly.cgiSYSTEMS AFFECTED    IRIX 6.2, 6.3, 6.4
PROBLEM    J.A. Gutierrez found following.   If you do not remember  or don't
    know about the /cgi-bin/handler bug, take a look at 'httpd #4'  in
    IRIX section of Security Bugware.  Well, more of the same.  Anyone
    can read files (as 'nobody') from your system.  Exploit:
        lynx -source \
        'http://victim.com/cgi-bin/pfdispaly.cgi?/../../../../etc/motd'
    The   IRIS   Performer   API   Search   Tool   software  subsystem
    (performer_tools) is  loaded by  default when  installing the IRIX
    Performer 2.2 CD on IRIX 6.2, 6.3 and 6.4