|
Family: CGI abuses --> Category: infos
webwho plus Vulnerability Scan
Vulnerability Scan Summary Checks if webwho.pl is vulnerable
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains a CGI script that is prone to arbitrary
code execution.
Description :
The WebWho+ CGI script appears to be installed on the remote host.
This Perl script allows a possible hacker to view any file on the remote host
as well as to execute arbitrary commands, both subject to the rights
of the web server user id.
See also :
http://archives.neohapsis.com/archives/bugtraq/1999-q4/0469.html
Solution :
Remove the affected script.
Threat Level:
High / CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|