|
|
Family: CGI abuses --> Category: infos
whois_raw Vulnerability Scan
Vulnerability Scan Summary
Checks if whois_raw.cgi is vulnerable
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains a CGI script that is prone to arbitrary
command execution attacks.
Description :
The remote host appears to be using the CdomainFree 'whois_raw.cgi'
script.
This CGI script allows a possible hacker to view any file on the target
computer, as well as to execute arbitrary commands.
See also :
http://cert.uni-stuttgart.de/archive/bugtraq/1999/06/msg00007.html
Solution :
Upgrade to CdomainFree 2.5 or to one of the commercial versions.
Threat Level:
High / CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|
