Family: CGI abuses --> Category: infos
Shells in /cgi-bin Vulnerability Scan
Vulnerability Scan Summary
Searches for the existence of various shells in /cgi-bin
Detailed Explanation for this Vulnerability Test
The remote web server has one of these shells installed
in /cgi-bin :
ash, bash, csh, ksh, sh, tcsh, zsh
Leaving executable shells in the cgi-bin directory of
a web server may allow a possible hacker to execute arbitrary
commands on the target machine with the rights of the
http daemon (usually root or nobody).
Solution : Remove all the shells from /cgi-bin.
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.