|
Family: CGI abuses --> Category: infos
webspirs.cgi Vulnerability Scan
Vulnerability Scan Summary Searches for the existence of webspirs.cgi
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains a CGI script that is prone to
information disclosure.
Description :
The remote host is running WebSPIRS, SilverPlatter's Information
Retrieval System for the World Wide Web.
The installed version of WebSPIRS has a well documented security flaw that
lets a possible hacker read arbitrary files with the rights of the http
daemon (usually root or nobody).
See also :
http://archives.neohapsis.com/archives/bugtraq/2001-02/0217.html
Solution :
Remove this CGI script.
Threat Level:
Medium / CVSS Base Score : 4
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:C)
Click HERE for more information and discussions on this network vulnerability scan.
|