Eric S. writes in: "Important: Versions prior to 1.33 contained in the file "getdoc.pl" a potentially serious security threat. Malicious Web users could submit a modified document request to "getdoc.pl" that could provide the Web user with the contents of important files or even provide them will local shell access if the script is running on a system that provides such access. WE STRONGLY RECOMMEND updating to version 1.34 [available at:] bones.med.ohio-state.edu/prospero/. Thanks also go to John C. for finding the hole and supplying the patch.
By dchud - Posted on June 5th, 2000