Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:10041
Category:Web application abuses
Title:Cobalt RaQ2 cgiwrap
Summary:'cgiwrap' is installed. If you are running an unpatched Cobalt RaQ,; the version of cgiwrap distributed with that system has a known security flaw that lets anyone execute; arbitrary commands with the privileges of the http daemon (root or nobody).;; This flaw exists only on the Cobalt modified cgiwrap. Standard builds of cgiwrap are not affected.
Description:Summary:
'cgiwrap' is installed. If you are running an unpatched Cobalt RaQ,
the version of cgiwrap distributed with that system has a known security flaw that lets anyone execute
arbitrary commands with the privileges of the http daemon (root or nobody).

This flaw exists only on the Cobalt modified cgiwrap. Standard builds of cgiwrap are not affected.

Solution:
Upgrade your Cobalt RaQ to apply fix.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: BugTraq ID: 1238
BugTraq ID: 777
Common Vulnerability Exposure (CVE) ID: CVE-1999-1530
http://www.securityfocus.com/bid/777
Bugtraq: 19991108 Security flaw in Cobalt RaQ2 cgiwrap (Google Search)
http://marc.info/?l=bugtraq&m=94209954200450&w=2
Bugtraq: 19991109 [Cobalt] Security Advisory - cgiwrap (Google Search)
http://marc.info/?l=bugtraq&m=94225629200045&w=2
http://www.osvdb.org/35
http://www.iss.net/security_center/static/7764.php
Common Vulnerability Exposure (CVE) ID: CVE-2000-0431
http://www.securityfocus.com/bid/1238
Bugtraq: 20000522 Problem with FrontPage on Cobalt RaQ2/RaQ3 (Google Search)
http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000523100045.B11049@HiWAAY.net
Bugtraq: 20000525 Cobalt Networks - Security Advisory - Frontpage (Google Search)
http://www.osvdb.org/1346
XForce ISS Database: cobalt-cgiwrap-bypass
CopyrightCopyright (C) 1999 Mathieu Perrin

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.