|
Family: CGI abuses --> Category: attack
Buffer overflow in WebSite Professional's webfind.exe Vulnerability Scan
Vulnerability Scan Summary Buffer overflow attempt
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains a CGI script that is affected by a
buffer overflow flaw.
Description :
The 'webfind.exe' CGI script on the remote host is vulnerable to a
buffer overflow when given a too long 'keywords' argument. This
problem allows a possible hacker to execute arbitrary code as root on this
host.
See also :
http://archives.neohapsis.com/archives/bugtraq/2000-07/0268.html
Solution :
Upgrade to WebSite Professional 2.5 or delete this CGI.
Threat Level:
Critical / CVSS Base Score : 10
(AV:R/AC:L/Au:NR/C:C/A:C/I:C/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|