|
Family: CGI abuses --> Category: infos
pagelog.cgi Vulnerability Scan
Vulnerability Scan Summary Searches for the existence of /cgi-bin/pagelog.cgi
Detailed Explanation for this Vulnerability Test
The 'pagelog.cgi' cgi is installed. This CGI has
a well documented security flaw that lets a possible hacker create arbitrary
files on the remote server, ending in .txt, and reading arbitrary
files ending in .txt or .log
*** Warning : this flaw was not tested by Nessus. Check the existence
of /tmp/nessus_pagelog_cgi.txt on this host to find out if you
are vulnerable or not.
Solution : remove it from /cgi-bin.
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|