|Title:||MSQL CGI overflow|
It seems possible to overflow the remote MSQL cgi
by making a request like :
This allows an attacker to execute arbitrary code
as the httpd server (nobody or root).
Solution : remove this CGI.
Risk factor : High
BugTraq ID: 591|
Common Vulnerability Exposure (CVE) ID: CVE-1999-0753
Bugtraq: 19990817 Stupid bug in W3-msql (Google Search)
XForce ISS Database: mini-sql-w3-msql-cgi
|Copyright||This script is Copyright (C) 1999 Renaud Deraison|
|This is only one of 73533 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.