|
Family: CGI abuses --> Category: infos
KW whois Vulnerability Scan
Vulnerability Scan Summary Searches for the existence of /cgi-bin/whois.cgi
Detailed Explanation for this Vulnerability Test
The KW whois cgi is installed. This CGI has
a well documented security flaw that lets anyone execute arbitrary
commands with the rights of the http daemon (root or nobody).
Solution : remove it from /cgi-bin or upgrade to version 1.1
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|