|
|
Family: CGI abuses --> Category: infos
Excite for WebServers Vulnerability Scan
Vulnerability Scan Summary
Searches for the existence of /cgi-bin/ews
Detailed Explanation for this Vulnerability Test
The Excite for Webservers is installed. This CGI has
a well documented security flaw that lets anyone execute arbitrary
commands with the rights of the http daemon (root or nobody).
Versions newer than 1.1. are patched.
Solution : if you are running version 1.1 or older, then
upgrade it.
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
