|
|
Family: CGI abuses --> Category: attack
Alkalay.Net Multiple Scripts Arbitrary Command Execution Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
Checks for arbitrary command execution vulnerabilities in multiple scripts from Alkalay.Net
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains a CGI script that allows for arbitrary
command execution and file disclosure.
Description :
The remote host appears to be running at least one CGI script written
by Avi Alkalay that allows attackers to execute arbitrary commands or
read arbitrary files on the remote host subject to the rights of
the web server user id.
See also :
http://www.cirt.net/advisories/alkalay.shtml
Solution :
Remove the affected scripts.
Threat Level:
High / CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|
