CGI abuses : rpm

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.10340

Category: CGI abuses

Title: rpm_query CGI

Summary: NOSUMMARY

Description: Description:

The rpm_query CGI is installed.

This CGI allows anyone who can connect to this
web server to obtain the list of the installed
RPMs.

This allows an attacker to determine the version
number of your installed services, hence making
their attacks more accurate.

Solution : remove this CGI from cgi-bin/
Risk factor : Low

Cross-Ref: BugTraq ID: 1036
Common Vulnerability Exposure (CVE) ID: CVE-2000-0192
http://www.securityfocus.com/bid/1036
Bugtraq: 20000304 OpenLinux 2.3: rpm_query (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2000-03/0029.html

Copyright This script is Copyright (C) 2000 Renaud Deraison

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.10340
Category:	CGI abuses
Title:	rpm_query CGI
Summary:	NOSUMMARY
Description:	Description: The rpm_query CGI is installed. This CGI allows anyone who can connect to this web server to obtain the list of the installed RPMs. This allows an attacker to determine the version number of your installed services, hence making their attacks more accurate. Solution : remove this CGI from cgi-bin/ Risk factor : Low
Cross-Ref:	BugTraq ID: 1036 Common Vulnerability Exposure (CVE) ID: CVE-2000-0192 http://www.securityfocus.com/bid/1036 Bugtraq: 20000304 OpenLinux 2.3: rpm_query (Google Search) http://archives.neohapsis.com/archives/bugtraq/2000-03/0029.html
Copyright	This script is Copyright (C) 2000 Renaud Deraison