|
Family: Gain a shell remotely --> Category: attack
man2web Command Execution Vulnerability Vulnerability Scan
Vulnerability Scan Summary Checks for command execution vulnerability in man2web
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains a CGI script that allows for arbitrary
command execution.
Description :
The remote host appears to be running man2web, a program for
dynamically converting unix man pages to HTML.
The installed version of man2web allows attackers to execute arbitrary
shell commands on the remote host subject to the rights of the web
server user id.
Solution :
Unknown at this time.
Threat Level:
High / CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|