The 'get32.exe' CGI script is installed on this
machine. This CGI has a well known security flaw that allows an
attacker to execute arbitrary commands on the remote system with
the privileges of the HTTP daemon (typically root or nobody).
Solution : Remove the 'get32.exe' script from your web server's
CGI directory (usually cgi-bin/)..
Risk factor : High
BugTraq ID: 770|
Common Vulnerability Exposure (CVE) ID: CVE-1999-0885
Bugtraq: 19991103 More Alibaba Web Server problems... (Google Search)
XForce ISS Database: alibaba-url-file-manipulation
|Copyright||This script is Copyright (C) 1999 Renaud Deraison|
|This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.