 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.11722 |
| Category: | Web application abuses |
| Title: | cgiWebupdate.exe Information Disclosure / Privilege Escalation Vulnerability |
| Summary: | The CGI 'cgiWebupdate.exe' exists on this webserver.; Some versions of this file are vulnerable to remote exploit.;; An attacker can use this hole to gain access to confidential data; or escalate their privileges on the web server. |
| Description: | Summary: The CGI 'cgiWebupdate.exe' exists on this webserver. Some versions of this file are vulnerable to remote exploit. An attacker can use this hole to gain access to confidential data or escalate their privileges on the web server. Solution: Remove it from the cgi-bin or scripts folder. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2001-1150 BugTraq ID: 3216 http://www.securityfocus.com/bid/3216 Bugtraq: 20010822 [SNS Advisory No.38] Trend Micro Virus Buster (Ver.3.5x) Remote (Google Search) http://www.securityfocus.com/archive/1/209375 Bugtraq: 20010824 [SNS Advisory No.40] TrendMicro OfficeScan Corp Edition ver.3.54 Remote read file of IUSER authority Vulnerability (Google Search) http://www.securityfocus.com/archive/1/210087 http://www.iss.net/security_center/static/7014.php |
| Copyright | Copyright (C) 2003 John Lampe |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |