|Category:||Web application abuses|
|Summary:||An old version of 'Count.cgi' cgi is installed.; It has a well known security flaw that lets anyone execute arbitrary; commands with the privileges of the http daemon (root, nobody, www...)|
An old version of 'Count.cgi' cgi is installed.
It has a well known security flaw that lets anyone execute arbitrary
commands with the privileges of the http daemon (root, nobody, www...)
Upgrade to wwwcount 2.4 or later.
BugTraq ID: 128|
Common Vulnerability Exposure (CVE) ID: CVE-1999-0021
Bugtraq: 19971010 Security flaw in Count.cgi (wwwcount) (Google Search)
Cert/CC Advisory: CA-97.24.Count_cgi
XForce ISS Database: http-cgi-count
|Copyright||This script is Copyright (C) 2004 Michel Arboi|
|This is only one of 69903 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.