|
Family: CGI abuses --> Category: attack
AN HTTPd count.pl file truncation Vulnerability Scan
Vulnerability Scan Summary Creates a file on the remote server
Detailed Explanation for this Vulnerability Test
The remote web server is running a CGI called 'count.pl' which may be used
by a possible hacker to overwrite any existing file on the remote server, with
the rights of the httpd server.
A possible hacker may use this flaw to prevent this host from working properly.
Solution : Delete /isapi/count.pl
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|