The rpm_query CGI is installed.
This CGI allows anyone who can connect to this
web server to obtain the list of the installed
This allows an attacker to determine the version
number of your installed services, hence making
their attacks more accurate.
Solution : remove this CGI from cgi-bin/
Risk factor : Low
BugTraq ID: 1036|
Common Vulnerability Exposure (CVE) ID: CVE-2000-0192
Bugtraq: 20000304 OpenLinux 2.3: rpm_query (Google Search)
|Copyright||This script is Copyright (C) 2000 Renaud Deraison|
|This is only one of 75017 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.