|
Family: CGI abuses --> Category: infos
Count.cgi Vulnerability Scan
Vulnerability Scan Summary Checks Count.cgi version
Detailed Explanation for this Vulnerability Test
An old version of 'Count.cgi' cgi is installed.
It has a well documented security flaw that lets anyone execute arbitrary
commands with the rights of the http daemon (root, nobody, www...)
** Note that Nessus only checked the version number
Solution : upgrade to wwwcount 2.4 or later.
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|