Campas cgi-bin file executes remote commands

Risk Level: High

Check or Attack Name: Campas

Platforms: NCSA Servers: Old, Common Gateway Interface (CGI)

Description:

The campas CGI program contains a vulnerability that allows a remote attacker to execute commands on a web server with the privileges of the user owning the server process. The campas program is included as a sample CGI program in some older versions of the NCSA server.

Remedy:

The campas CGI program is not required for the normal functioning of your web server and should be deleted.
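One way to apply this remedy across several web roots, as an added example that is not part of the original advisory. It assumes CGI programs live in directories named `cgi-bin` and that the roots to search are passed as absolute paths; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the advisory): locate and remove the NCSA sample
# CGI program "campas" under one or more web roots.
# Assumptions: CGI programs live in directories named "cgi-bin"; roots are
# given as absolute paths; file names contain no newlines.
#
# Usage after sourcing this file:
#   audit_campas report /usr/local/etc/httpd   # list copies only
#   audit_campas delete /usr/local/etc/httpd   # list, then delete them

# Print every file or symlink named "campas" inside a cgi-bin directory.
# Symlinks are included because the server would still execute their target.
find_campas() {
    for campas_root in "$@"; do
        [ -d "$campas_root" ] || continue
        find "$campas_root" \( -type f -o -type l \) -name campas \
            -path '*/cgi-bin/*' -print
    done
}

# audit_campas MODE ROOT...
# Shows owner and permissions of each copy; deletes it when MODE is "delete".
# Returns 0 when no copy remains afterwards, 1 when at least one is present.
audit_campas() {
    campas_mode=$1
    shift
    find_campas "$@" | while IFS= read -r campas_file; do
        ls -ld "$campas_file"
        if [ "$campas_mode" = delete ]; then
            rm -f -- "$campas_file"
        fi
    done
    # Re-scan so the exit status reflects the state on disk, not the intent.
    [ -z "$(find_campas "$@")" ]
}
```

Run it in `report` mode first; a non-zero exit status means a copy of campas is still installed.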

References:

BUGTRAQ Mailing List, Francisco Torres <ftorres@CASTOR.JAVERIANA.EDU.CO>, Bug CGI campas, http://www.netspace.org/cgi-bin/wa?A2=ind9707c&L=bugtraq&F=&S=&P=1048

